Coupang confirms a data breach affecting 33.7 million users in South Korea, exposing names, contacts and order details. Investigation is ongoing. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More Read the…
Category: EN
Building an OWASP 2025 Security Scanner in 48 Hours
OWASP dropped its 2025 Top 10 on November 6th with a brand-new category nobody saw coming: “Mishandling of Exceptional Conditions” (A10). I spent a weekend building a scanner to detect these issues and immediately found authentication bypasses in three different…
Coupang Data Breach Exposed Personal Data of 33.7 Million Customers Personal Records
South Korean e-commerce giant Coupang has confirmed a massive security incident affecting approximately 33.7 million customers, nearly the company’s entire user base. The breach, which exposed names, phone numbers, email addresses, shipping addresses, and order histories, has been traced back…
Bloody Wolf Hackers Mimic as Government Agencies to Deploy NetSupport RAT via Weaponized PDF’s
A sophisticated Advanced Persistent Threat group known as Bloody Wolf has intensified its cyber espionage operations across Central Asia, targeting government and private sectors. Since late June 2025, the group has orchestrated spear-phishing campaigns primarily focusing on organizations within Kyrgyzstan…
Microsoft Confirms New Outlook Bug Blocking Excel Attachments
Microsoft has acknowledged a frustrating new issue affecting users of the “new Outlook” for Windows, where Excel attachments fail to open if their filenames contain non-ASCII characters. The technical glitch, tracked under the reference ID EX1189359, triggers a vague error…
TangleCrypt Windows Packer with Ransomware Payloads Evades EDR Using ABYSSWORKER Driver
A newly discovered Windows malware packer named TangleCrypt has emerged as a serious threat in ransomware attacks, specifically designed to evade endpoint detection and response (EDR) solutions. The packer was first observed during a September 2025 ransomware incident involving Qilin…
ShadyPanda Turns Popular Browser Extensions with 4.3 Million Installs Into Spyware
A threat actor known as ShadyPanda has been linked to a seven-year-long browser extension campaign that has amassed over 4.3 million installations over time. Five of these extensions started off as legitimate programs before malicious changes were introduced in mid-2024,…
India Orders Phone Makers to Pre-Install Sanchar Saathi App to Tackle Telecom Fraud
India’s telecommunications ministry has reportedly asked major mobile device manufacturers to preload a government-backed cybersecurity app named Sanchar Saathi on all new phones within 90 days. According to a report from Reuters, the app cannot be deleted or disabled from…
Four arrested in South Korea over massive IP camera snooping spree
Plus: Aussie Wi-Fi phisher and Brit dark web dealer nailed Cybercrime suspects and offenders across three continents have been rounded up this week, with cases spanning hacked IP cameras in South Korea, evil twin Wi-Fi traps in Australia, and a…
Your Phone Is Being Tracked in Ways You Can’t See: One Click Shows the Truth
Many people believe they are safe online once they disable cookies, switch on private browsing, or limit app permissions. Yet these steps do not prevent one of the most persistent tracking techniques used today. Modern devices reveal enough technical…
Nvidia’s Strong Earnings Ease AI Bubble Fears Despite Market Volatility
Nvidia (NVDA) delivered a highly anticipated earnings report, and the AI semiconductor leader lived up to expectations. “These results and commentary should help steady the ship for the AI trade into the end of the year,” Jefferies analysts wrote…
Scientists just found a way to tell if quantum computers are wrong
Researchers unveiled a new technique that validates quantum computer results—especially those from GBS devices—in minutes instead of millennia. Their findings expose unexpected errors in a landmark experiment, offering a crucial step toward truly reliable quantum machines. This article has been…
OpenAI Codex CLI Command Injection Vulnerability Let Attackers Execute Arbitrary Commands
OpenAI has patched a command injection flaw in its Codex CLI tool that allowed attackers to execute arbitrary commands on developers’ machines simply by getting a malicious configuration file into a project repository. The issue, now fixed in Codex CLI…
Hackers are Moving to “Living Off the Land” Techniques to Attack Windows Systems Bypassing EDR
Cybercriminals have found a more effective method to compromise Windows computers while evading detection by security software. Ivan Spiridonov observed that uploading malicious tools, hackers are now using legitimate Windows programs already installed on target systems, a tactic known as…
4.3 Million Chrome and Edge Users Hacked in 7-Year ShadyPanda Malware Campaign
“ShadyPanda,” a sophisticated threat actor responsible for a seven-year campaign that has successfully infected 4.3 million Chrome and Edge users. By exploiting the inherent trust in browser marketplaces, ShadyPanda weaponized “Featured” and “Verified” extensions to deploy remote code execution (RCE)…
European police dismantle cryptocurrency mixer popular with ransomware gangs
Authorities have spent years trying to cripple the ecosystem that helps hackers hide their profits. This article has been indexed from Cybersecurity Dive – Latest News Read the original article: European police dismantle cryptocurrency mixer popular with ransomware gangs
Hackers ready threat campaign aimed at Zendesk environments
Researchers warn that hackers linked to recent social engineering attacks are targeting customer-service platforms. This article has been indexed from Cybersecurity Dive – Latest News Read the original article: Hackers ready threat campaign aimed at Zendesk environments
Police Seize Cryptomixer Domains, Infrastructure and 28M Dollars in Bitcoin
Swiss and German police shut down Cryptomixer, seizing servers, domains and 28M dollars in Bitcoin during an Europol backed action targeting crypto laundering. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More…
Shield Your Nonprofit: How to Tackle Ransomware Attacks
Set against the backdrop of accelerated growth of technology over the past several decades, notwithstanding large organizations, nonprofits as well have become overly reliant on technology for their day-to-day operations. New data shows that this reliance often presents opportunities for…
New Android Albiriox Malware Gains Traction in Dark Web Markets
Android malware Albiriox emerged as MaaS, offering device takeover and real-time fraud capabilities This article has been indexed from www.infosecurity-magazine.com Read the original article: New Android Albiriox Malware Gains Traction in Dark Web Markets