Cybercriminals are increasingly using a technique known as “ClickFix” to deploy the NetSupport remote administration tool (RAT) for malicious purposes. According to a new report from eSentire’s Threat Response Unit (TRU), threat actors have shifted their primary delivery strategy from…
Category: EN
Russian Rosselkhoznadzor hit by DDoS attack, food shipments across Russia delayed
A DDoS attack on Russia’s food safety agency Rosselkhoznadzor disrupted food shipments by crippling its VetIS and Saturn tracking systems. A DDoS cyberattack on Russia’s food safety agency, Rosselkhoznadzor, disrupted nationwide food shipments by knocking offline its VetIS and Saturn…
North Korean Hackers Attacking Unmanned Aerial Vehicle Industry to Steal Confidential Data
North Korean state-sponsored hackers from the Lazarus APT group launched a cyberespionage campaign targeting European companies involved in unmanned aerial vehicle development. Starting in late March 2025, attackers compromised three defense organizations across Central and Southeastern Europe, deploying advanced malware…
Hackers Exploit WordPress Arbitrary Installation Vulnerabilities in the Wild
Cybersecurity firm Wordfence has uncovered a renewed wave of mass exploitation targeting critical vulnerabilities in two popular WordPress plugins, allowing unauthenticated attackers to install malicious software and potentially seize control of websites. The flaws, first disclosed in late 2024, affect…
Ransomware Actors Targeting Global Public Sectors and Critical Services in Targeted Attacks
In 2025, ransomware attacks against the public sector continue to accelerate at an alarming rate, showing no signs of slowing down despite increased cybersecurity awareness and defensive measures. Throughout the year, approximately 196 public sector entities worldwide have fallen victim…
OpenAI ChatGPT Atlas Browse Jailbroken to Disguise Malicious Prompt as URLs
OpenAI’s newly launched ChatGPT Atlas browser, designed to blend AI assistance with web navigation, faces a serious security flaw that allows attackers to jailbreak the system by disguising malicious prompts as harmless URLs. This vulnerability exploits the browser’s omnibox, a…
New Phishing Attack Bypasses Using UUIDs Unique to Bypass Secure Email Gateways
A sophisticated phishing campaign leveraging randomly generated Universal Unique Identifiers (UUIDs) has emerged, successfully bypassing Secure Email Gateways (SEGs) and evading perimeter defenses. The attack employs an advanced JavaScript-based phishing script combining random domain selection, dynamic UUID generation, and server-driven…
CISA Beware! Hackers Are Actively Exploiting Windows Server Update Services RCE Flaw in the Wild
Cybersecurity researchers are sounding the alarm after discovering that hackers are actively exploiting a critical remote code execution (RCE) vulnerability in Microsoft’s Windows Server Update Services (WSUS). The flaw, tracked as CVE-2025-59287, allows unauthenticated attackers to run arbitrary code on…
Qantas Data Leak Highlights Rising Airline Cyberattacks and Identity Theft Risks
Airlines continue to attract the attention of cybercriminals due to the vast amounts of personal data they collect, with passports and government IDs among the most valuable targets. According to privacy firm Incogni, the exposure of such documents poses…
NCSC Warns of Rising Cyber Threats Linked to China, Urges Businesses to Build Defences
The United Kingdom’s National Cyber Security Centre (NCSC) has cautioned that hacking groups connected to China are responsible for an increasing number of cyberattacks targeting British organisations. Officials say the country has become one of the most capable and…
NDSS 2025 – CHAOS: Exploiting Station Time Synchronization In 802.11 Networks Session 1A: WiFi and Bluetooth Security
Authors, Creators & Presenters: Sirus Shahini (University of Utah), Robert Ricci (University of Utah) PAPER – CHAOS: Exploiting Station Time Synchronization in 802.11 Networks Many locations, especially in urban areas, are quite noisy with WiFi traffic. In addition to data…
Microsoft Teams to Auto-Set Work Location by Detecting the Wi-Fi Network
Microsoft is about to launch a new feature in Teams that will help hybrid workers stay connected. This feature will automatically find and update a user’s work location based on their organization’s Wi-Fi network. Set to roll out in December…
Malicious NuGet Packages Mimic as Popular Nethereum Project to Steal Wallet Keys
A sophisticated supply chain attack has emerged targeting cryptocurrency developers through the NuGet package ecosystem. Cybersecurity researchers have uncovered malicious packages impersonating Nethereum, a widely trusted .NET library for Ethereum blockchain interactions with tens of millions of downloads. The counterfeit…
Building Secure AI Systems: What Enterprises Need to Know — and What’s at Stake
Generative AI and multi-agent autonomous systems are transforming the enterprise IT stack, promising breakthroughs in efficiency, customer experience, and innovation. Yet, without disciplined, secure-by-design strategies embedded from the start, organizations… The post Building Secure AI Systems: What Enterprises Need to…
Hundreds of European Flights Disrupted by Major Ransomware Attack
A major ransomware attack recently caused widespread disruption to airline operations across several key European airports, resulting in hundreds of flight cancellations and delays for passengers. The incident highlights the growing vulnerability of the aviation industry due to its…
Pwn2Own Ireland 2025: The Hacks, The Winners, and The Big Payouts
Hackers earned over $1 million at Pwn2Own Ireland 2025 in Cork, breaching printers, routers, NAS devices, and more as Summoning Team claimed Master of Pwn. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto…
CMMC’s Reality Check for the Defense Industrial Base: What Contractors Must Do Before Enforcement Hits
The Cybersecurity Maturity Model Certification’s (CMMC) reality check has arrived. After years of delays and speculation, enforcement moves from theory to action in November 2025 (next month as of this… The post CMMC’s Reality Check for the Defense Industrial Base:…
Cheung Sha Wan Wholesale Market Faces Major Data Breach Impacting Thousands
As part of an alarming incident that highlights the growing threat of cyberattacks on public sector systems, the Vegetable Marketing Organisation (VMO) reported that it was targeted by a ransomware attack that disrupted the Cheung Sha Wan Vegetable Wholesale…
The glaring security risks with AI browser agents
New AI browsers from OpenAI and Perplexity promise to increase user productivity, but they also come with increased security risks. This article has been indexed from Security News | TechCrunch Read the original article: The glaring security risks with AI…
OpenAI Atlas Omnibox Is Vulnerable to Jailbreaks
Researchers have discovered that a prompt can be disguised as an url, and accepted by Atlas as an url in the omnibox. The post OpenAI Atlas Omnibox Is Vulnerable to Jailbreaks appeared first on SecurityWeek. This article has been indexed…