watchTowr reveals active exploitation of SonicWall SMA 100 vulnerabilities (CVE-2024-38475 & CVE-2023-44221) potentially leading to full system takeover… This article has been indexed from Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto Read the original article: watchTowr Warns…
Category: EN
RSAC 2025 wrap-up – Week in security with Tony Anscombe
From the power of collaborative defense to identity security and AI, catch up on the event’s key themes and discussions This article has been indexed from WeLiveSecurity Read the original article: RSAC 2025 wrap-up – Week in security with Tony…
Billions of Apple Devices at Risk from “AirBorne” AirPlay Vulnerabilities
Oligo Security uncovers “AirBorne,” a set of 23 vulnerabilities in Apple AirPlay affecting billions of devices. Learn how… This article has been indexed from Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto Read the original article: Billions of…
Rhysida Ransomware gang claims the hack of the Government of Peru
The Rhysida Ransomware gang claims the hack of the Government of Peru, the gang breached Gob.pe, the Single Digital Platform of the Peruvian State. The Rhysida ransomware gang claims responsibility for hacking the Government of Peru, breaching Gob.pe, which is…
Fast Flux Technique Identified as Growing Risk to US Cyber Infrastructure
A sophisticated cybercriminal technique called fast flux is being increasingly employed by cybercriminals, which is causing heightened concerns among intelligence agencies and cybersecurity agencies throughout the world. It has been reported in April 2025 that the United States National…
Hackers Weaponize Go Modules to Deliver Disk‑Wiping Malware, Causing Massive Data Loss
Cybersecurity researchers uncovered a sophisticated supply chain attack targeting the Go programming language ecosystem in April 2025. Hackers have weaponized three malicious Go modules-github[.]com/truthfulpharm/prototransform, github[.]com/blankloggia/go-mcp, and github[.]com/steelpoor/tlsproxy-to deploy devastating disk-wiping malware. Leveraging the decentralized nature of Go’s module system, where…
RansomHub Taps SocGholish: WebDAV & SCF Exploits Fuel Credential Heists
SocGholish, a notorious loader malware, has evolved into a critical tool for cybercriminals, often delivering payloads like Cobalt Strike and, more recently, RansomHub ransomware. Darktrace’s Threat Research team has tracked multiple incidents since January 2025, where threat actors exploited SocGholish…
DragonForce group claims the theft of data after Co-op cyberattack
Hackers claim Co-op cyberattack is worse than admitted, with major customer and employee data stolen, and provide proof to the BBC. The attackers behind the recent Co-op cyberattack, who go online with the name DragonForce, told the BBC that they…
AsyncRAT Dark Mode – New Version of AsyncRAT on GitHub With Remote Access & Monitoring
A new, modified version of the popular AsyncRAT tool, dubbed AsyncRAT Dark Mode, has been released on GitHub, offering users a modernized interface and enhanced functionality for remote system monitoring and control. This open-source project introduces a stylish dark theme,…
Pakistan State-sponsored Hackers Attack Indian Websites, Attempts Blocked
Pakistan’s cyber warfare against India Recently, Pakistan state-sponsored hacker groups launched multiple failed hacking attempts to hack Indian websites amid continuous cyber offensives against India after the Pahalgam terror attack. These breach attempts were promptly identified and blocked by the…
Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack
Cybersecurity researchers have discovered three malicious Go modules that include obfuscated code to fetch next-stage payloads that can irrevocably overwrite a Linux system’s primary disk and render it unbootable. The names of the packages are listed below – github[.]com/truthfulpharm/prototransform github[.]com/blankloggia/go-mcp…
CISA Warns of KUNBUS Auth Bypass Vulnerabilities Exposes Systems to Remote Attacks
CISA has issued an urgent advisory highlighting critical vulnerabilities in KUNBUS GmbH’s Revolution Pi industrial automation devices. These flaws, which include authentication bypass and remote code execution risks, threaten sectors like manufacturing, energy, and healthcare. Attackers can disrupt operations, manipulate…
AsyncRAT Dark Mode – New Version of AsyncRAT on GitHub With New Features
A new, modified version of the popular AsyncRAT tool, dubbed AsyncRAT Dark Mode, has been released on GitHub, offering users a modernized interface and enhanced functionality for remote system monitoring and control. This open-source project introduces a stylish dark theme,…
Bsideslv24 – Proving Ground – Unleashing The Future Of Development: The Secret World Of Nix & Flakes
Author/Presenter: Jason Odoom Our sincere appreciation to BSidesLV, and the Presenters/Authors for publishing their erudite Security BSidesLV24 content. Originating from the conference’s events located at the Tuscany Suites & Casino; and via the organizations YouTube channel. Permalink The post Bsideslv24…
Bitdefender Warns of Surge in Subscription Scams Disguised as Online Stores and Mystery Boxes
Cybersecurity researchers at Bitdefender have uncovered a sharp increase in deceptive online subscription scams, with fraudsters disguising themselves as legitimate e-commerce platforms and mystery box vendors. These sophisticated schemes are luring unsuspecting users into handing over sensitive credit card…
North Korean Hackers Create Fake U.S. Firms to Dupe Crypto Developers
Threat analysts at Silent Push, a U.S. cybersecurity firm, told Reuters that North Korean cyber spies established two companies in the U.S., Blocknovas LLC and Softglide LLC, using fictitious personas and addresses to infect developers in the cryptocurrency industry…
Phishing Emails Impersonating Qantas Target Credit Card Info
Fake Qantas emails in a sophisticated phishing scam steal credit card and personal info from Australians, bypassing major… This article has been indexed from Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto Read the original article: Phishing Emails…
Many Internet Users Suffer Account Breaches Due to Weak Passwords, Study Finds
A recent study has shown that more than one in three people have had at least one of their online accounts broken into during the past year. The main reason? Poor or stolen passwords. The report comes from the…
Coinbase Fixes Account Log Bug That Mistakenly Triggered 2FA Breach Alerts
Coinbase has resolved a logging issue in its system that led users to wrongly believe their accounts had been compromised, after failed login attempts were mistakenly labeled as two-factor authentication (2FA) failures. As first uncovered by BleepingComputer, the bug…
Yemeni Man Charged in U.S. for Black Kingdom Ransomware Deployed on Schools & Business Networks
A Yemeni national, Rami Khaled Ahmed, aged 36, has been indicted by federal authorities in the Central District of California for allegedly orchestrating a cyberattack campaign using Black Kingdom ransomware to extort victims, the U.S. Department of Justice announced. Ahmed…