An upgraded release of tool EDR-Redir V2, designed to evade Endpoint Detection and Response (EDR) systems by exploiting Windows bind link technology in a novel way. According to the researcher TwoSevenOneT, the version targets the parent directories of EDR installations,…
Category: EN
OpenAI’s New Aardvark GPT-5 Agent that Detects and Fixes Vulnerabilities Automatically
OpenAI has unveiled Aardvark, an autonomous AI agent powered by its cutting-edge GPT-5 model, designed to detect software vulnerabilities and automatically propose fixes. This tool aims to entrust developers and security teams by scaling human-like analysis across vast codebases, addressing…
What Rural Internet Providers Offer Remote Communities
Loss of internet access in rural areas is considerably more serious, as it disrupts education, work, and communication. Despite such hurdles, it is rural internet providers serving such remote communities and getting them connected. By understanding what these providers can…
A Walk in the Park
In August of 2024 I stopped in my local book shop (shoutout to The Raven Bookstore) as I often do to browse the shelves and see if there was anything I couldn’t live without. A very colorful book jacket caught…
BadCandy Webshell threatens unpatched Cisco IOS XE devices, warns Australian government
Australia warns of attacks on unpatched Cisco IOS XE devices exploiting CVE-2023-20198, allowing BadCandy webshell install. The Australian Signals Directorate (ASD) warns of ongoing attacks on unpatched Cisco IOS XE devices exploiting CVE-2023-20198, allowing BadCandy webshell infections and admin takeover. “Cyber…
Iran Attacks Israeli Cybersecurity Infrastructure
The National Cyber Directorate found a series of cyberattacks that targeted Israeli organisations that offer IT services to companies in the country, and might be linked to Iran. Earlier this month, the failed cyberattack against Shamir Medical Center on Yom…
TikTok ‘Free Photoshop’ Scam Steals User Data via Malicious Commands
A sophisticated scam targeting TikTok users is exploiting the platform’s reach to steal personal data by promising free access to expensive software like Adobe Photoshop. Cybercriminals are using a social engineering technique called ClickFix to trick victims into executing…
Online Identity Is Evolving: From Data Storage to Proof-Based Verification with zkTLS
The next phase of online identity is shifting from data storage to proof-based verification. Today, the internet already contains much of what verification and compliance teams require — from academic credentials and payment confirmations to loyalty program details. The…
How to Make Zoom Meetings More Secure and Protect Your Privacy
Zoom calls remain an essential part of remote work and digital communication, but despite their convenience, they are not entirely private. Cybercriminals can exploit vulnerabilities to steal sensitive information, intercept conversations, or access meeting data. However, several practical measures…
Proxy Servers: How They Work and What They Actually Do
When browsing online, your device usually connects directly to a website’s server. However, in certain cases, especially for privacy, security, or access control — a proxy server acts as a go-between. It stands between your device and the internet, forwarding…
New Kurdish Hacktivists Hezi Rash Behind 350 DDoS Attacks in 2 Months
New intelligence on Hezi Rash: See how the Kurdish group launched 350+ DDoS attacks and used DaaS platforms like EliteStress to lower entry barriers. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and…
ASD Warns of Ongoing BADCANDY Attacks Exploiting Cisco IOS XE Vulnerability
The Australian Signals Directorate (ASD) has issued a bulletin about ongoing cyber attacks targeting unpatched Cisco IOS XE devices in the country with a previously undocumented implant known as BADCANDY. The activity, per the intelligence agency, involves the exploitation of…
China-linked UNC6384 exploits Windows zero-day to spy on European diplomats
A China-linked APT group UNC6384 exploits a Windows zero-day in an active cyber espionage targeting European diplomats. Arctic Wolf Labs researchers uncovered a cyber espionage campaign by China-linked APT UNC6384 targeting diplomatic entities in Hungary, Belgium, and other EU nations.…
The Growing Role of Cybersecurity in Protecting Nations
It is becoming increasingly complex and volatile for nations to cope with the threat landscape facing them in an age when the boundaries between the digital and physical worlds are rapidly dissolving. Cyberattacks have evolved from isolated incidents of…
New Email Security Technique Prevents Phishing Attacks Behind NPM Breach
The discovery of a large-scale NPM ecosystem compromise in September 2025 has renewed focus on email security as the critical first line of defense against supply chain attacks. Threat actors successfully compromised multiple high-profile NPM developer accounts through a sophisticated…
Akira Ransomware Strikes Apache OpenOffice, Allegedly Exfiltrates 23GB of Data
The notorious Akira ransomware gang announced on October 29, 2025, that it successfully penetrated the systems of Apache OpenOffice, claiming to have exfiltrated a staggering 23 gigabytes of sensitive corporate data. The group posted details on its dark web leak…
Agent Session Smuggling: How Malicious AI Hijacks Victim Agents
Security researchers have uncovered a sophisticated attack technique that exploits the trust relationships built into AI agent communication systems. The attack, termed agent session smuggling, allows a malicious AI agent to inject covert instructions into established cross-agent communication sessions, effectively…
Hackers Hide SSH–Tor Backdoor Inside Weaponized Military Documents
In October 2025, cybersecurity researchers at Cyble Research and Intelligence Labs (CRIL) uncovered a sophisticated malware campaign distributing weaponized ZIP archives disguised as military documents. The attack specifically targeted Belarusian military personnel through a lure document titled “ТЛГ на убытие…
CISA Alerts on Linux Kernel Vulnerability Exploited in Ransomware Attacks
The U.S. Cybersecurity and Infrastructure Security Agency has added a critical Linux kernel vulnerability to its Known Exploited Vulnerabilities catalog, warning that threat actors are actively leveraging the security vulnerability in ransomware campaigns targeting organizations worldwide. The vulnerability, tracked as…
Cisco IOS XE Vulnerability Being Abused in the Wild to Plant BADCANDY
Cybersecurity authorities are raising urgent alarms as threat actors continue to exploit a critical vulnerability in Cisco IOS XE devices, deploying a malicious implant known as BADCANDY across networks worldwide. The Australian Signals Directorate (ASD) has confirmed that over 150…