The cyberattack on Marks & Spencer (M&S) is linked to the notorious Scattered Spider group. Explore the severe… This article has been indexed from Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto Read the original article: Scattered Spider…
Category: EN
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-31324 SAP NetWeaver Unrestricted File Upload Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant…
Proofpoint Leverages AI to Extend Scope of Cybersecurity Reach
Proofpoint has expanded its ability to thwart multistage cyberattacks spanning multiple communications channels while at the same time extending its reach into data security posture management (DSPM). The post Proofpoint Leverages AI to Extend Scope of Cybersecurity Reach appeared first…
Don’t Delete Spam Emails Too Quickly — Here’s Why
Most of us delete spam emails as soon as they land in our inbox. They’re irritating, unwanted, and often contain suspicious content. But what many people don’t know is that keeping them, at least briefly can actually help improve…
New Reports Uncover Jailbreaks, Unsafe Code, and Data Theft Risks in Leading AI Systems
Various generative artificial intelligence (GenAI) services have been found vulnerable to two types of jailbreak attacks that make it possible to produce illicit or dangerous content. The first of the two techniques, codenamed Inception, instructs an AI tool to imagine…
WhatsApp Launches Private Processing to Enable AI Features While Protecting Message Privacy
Popular messaging app WhatsApp on Tuesday unveiled a new technology called Private Processing to enable artificial intelligence (AI) capabilities in a privacy-preserving manner. “Private Processing will allow users to leverage powerful optional AI features – like summarizing unread messages or…
20.5 Million DDoS Barrage Shattered Records Leading Attack Fired Off 4.8 Billion Packets
Cloudflare’s latest DDoS Threat Report for the first quarter of 2025 reveals that the company mitigated a record-shattering 20.5 million Distributed Denial of Service (DDoS) attacks, marking a 358% surge year-over-year and a 198% increase quarter-over-quarter compared to the previous…
New Gremlin Stealer Advertised on Hacker Forums Targets Credit Card Data and Login Credentials
A formidable new information-stealing malware dubbed Gremlin Stealer has surfaced in the cybercrime underground, actively promoted since mid-March 2025 on platforms like the Telegram channel CoderSharp. Discovered by Unit 42 researchers at Palo Alto Networks, this malware, crafted in C#,…
Google Reports 75 Zero-Day Vulnerabilities Actively Exploited in the Wild
In a comprehensive report released by the Google Threat Intelligence Group (GTIG), 75 zero-day vulnerabilities were identified as actively exploited in the wild throughout 2024, marking a slight decline from 98 in 2023 but an increase from 63 in 2022.…
Outlaw Cybergang Launches Global Attacks on Linux Environments with New Malware
The Outlaw cybergang, also known as “Dota,” has intensified its global assault on Linux environments, exploiting weak or default SSH credentials to deploy a Perl-based crypto mining botnet. Detailed insights from a recent incident response case in Brazil, handled by…
Konni APT Deploys Multi-Stage Malware in Targeted Organizational Attacks
A sophisticated multi-stage malware campaign, potentially orchestrated by the North Korean Konni Advanced Persistent Threat (APT) group, has been identified targeting entities predominantly in South Korea. Cybersecurity experts have uncovered a meticulously crafted attack chain that leverages advanced obfuscation techniques…
WhatsApp Is Walking a Tightrope Between AI Features and Privacy
WhatsApp’s AI tools will use a new “Private Processing” system designed to allow cloud access without letting Meta or anyone else see end-to-end encrypted chats. But experts still see risks. This article has been indexed from Security Latest Read the…
Enterprise tech dominates zero-day exploits with no signs of slowdown
As Big Tech gets used to the pain, smaller vendors urged to up their game This article has been indexed from The Register – Security Read the original article: Enterprise tech dominates zero-day exploits with no signs of slowdown
Are Puppies the New Booth Babes: What Do You Think?
Walking the floor of the RSA Conference (RSAC) this year, amid the sea of booths packed with flashing monitors, cybersecurity swag and endless sales pitches, one booth stood out — and not for its tech demos or zero-day revelations. Orca…
GPUAF: Two Methods to Root Qualcomm-Based Android Phones
Security researchers have exposed critical vulnerabilities in Qualcomm GPU drivers, impacting a vast array of Android devices from brands like Samsung, Honor, Xiaomi, and Vivo. These exploits, centered around the GPU Address Fault (GPUAF) primitive, target the kgsl_mem_entry and Virtual…
Verizon 2025 Report Highlights Surge in Cyberattacks Through Third Parties
Verizon Business unveiled its 2025 Data Breach Investigations Report (DBIR) today, painting a stark picture of the escalating cyber threat landscape. Analyzing over 22,000 security incidents, including 12,195 confirmed data breaches, the report reveals a alarming 30% involvement of third…
Delta Electronics ISPSoft
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.4 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: ISPSoft Vulnerabilities: Stack-based Buffer Overflow, Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of these vulnerabilities could result in an attacker executing arbitrary code. 3.…
Rockwell Automation ThinManager
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: ThinManager Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Incorrect Default Permissions 2. RISK EVALUATION Successful exploitation of these…
CISA Releases Three Industrial Control Systems Advisories
CISA released three Industrial Control Systems (ICS) advisories on April 29, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-119-01 Rockwell Automation ThinManager ICSA-25-119-02 Delta Electronics ISPSoft ICSA-25-105-05 Lantronix XPort (Update A) CISA…
Wordfence: The World’s Leading Quality WordPress Vulnerability Intelligence Provider
Today, we’re examining Wordfence’s vulnerability data for 2024 and 2025, and comparing it to other WordPress Certified Numbering Authorities (CNAs) and vulnerability data providers. This report will demonstrate why Wordfence is the undisputed leader in WordPress vulnerability intelligence and WordPress…