On Tuesday, CISA added two vulnerabilities to its Known Exploited Vulnerabilities catalog: CVE-2025-11371, which affects Gladinet’s CentreStack and Triofox file-sharing and remote access platforms, and CVE-2025-48703, a vulnerability in Control Web Panel (CWP), a web hosting control panel designed for…
Credentials and Misconfigurations Behind Most Cloud Breaches, Says AWS
New AWS report data reveals the top four security failure points in the cloud, including vulnerability exploitation (24%)… This article has been indexed from Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More Read the original article: Credentials…
Google Warns: AI Makes Cyber Threats Faster and Smarter by 2026
Google has released its Cybersecurity Forecast 2026 report, providing a comprehensive analysis of emerging threats and security trends anticipated throughout the coming year. Rather than relying on speculation, the report is grounded in real-world data and insights gathered from Google…
CISA Issues Alert on Gladinet CentreStack and Triofox Vulnerabilities Under Active Exploitation
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting Gladinet CentreStack and Triofox to its Known Exploited Vulnerabilities catalog, signaling active exploitation in the wild. The flaw, tracked as CVE-2025-11371, exposes sensitive system files to unauthorized…
18 arrested in €300 million global credit card fraud scheme
A coordinated international operation has led to 18 arrests in a massive credit card fraud case worth at least €300 million. The effort, led by Eurojust, targeted a network of suspects accused of running fake online subscription services for dating,…
Securing the Open Android Ecosystem with Samsung Knox
Raise your hand if you’ve heard the myth, “Android isn’t secure.” Android phones, such as the Samsung Galaxy, unlock new ways of working. But, as an IT admin, you may worry about the security—after all, work data is critical. However,…
APT-C-60 Campaign: Malicious VHDX Hosted on Google Drive Lures Job Applicants
JPCERT/CC has issued an urgent warning about ongoing attacks by the advanced persistent threat group APT-C-60, which continues to target recruitment professionals in Japan through sophisticated spear-phishing campaigns. The attack campaign specifically impersonates job seekers contacting recruitment staff, exploiting the…
NGate Malware Enables Unauthorized Cash Withdrawals at ATMs Using Victims’ Payment Cards
NGate represents a sophisticated Android-based threat that exploits NFC technology to enable unauthorized ATM cash withdrawals without physically stealing payment cards. Rather than stealing cards outright, threat actors use an ingenious relay attack that intercepts the card’s NFC communications from…
M&S pegs cyberattack cleanup costs at £136M as profits slump
Retailer’s tech systems aren’t down anymore, but the same can’t be said for its rocky financials Marks & Spencer says its April cyberattack will cost around £136 million ($177.2 million) in total.… This article has been indexed from The Register…
Daylight Raises $33 Million for AI-Powered MDR Platform
The funding will fuel the development of Daylight’s security operations platform and the launch of new protection modules. The post Daylight Raises $33 Million for AI-Powered MDR Platform appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
Exploited ‘Post SMTP’ Plugin Flaw Exposes WordPress Sites to Takeover
The critical vulnerability allows attackers to read arbitrary emails, including password reset messages. The post Exploited ‘Post SMTP’ Plugin Flaw Exposes WordPress Sites to Takeover appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…
HackedGPT: Novel AI Vulnerabilities Open the Door for Private Data Leakage
Tenable Research has discovered seven vulnerabilities and attack techniques in ChatGPT, including unique indirect prompt injections, exfiltration of personal user information, persistence, evasion, and bypass of safety mechanisms. Key takeaways: Tenable Research has discovered multiple new and persistent vulnerabilities in…
Hackers Targeting Freight Operators to Steal Cargo: Proofpoint
Threat actors are working with organized crime groups to target freight operators and transportation companies, infiltrate their systems through RMM software, and steal cargo, which they then sell online or ship to Europe, according to Proofpoint researchers, who saw similar…
Deepfakes Are More Polluting Than People Think
Artificial intelligence, while blurring the lines between imagination and reality, is causing a new digital controversy to unfold at a time when ethics and creativity have become less important and the digital realm has become a much more fluid…
Dublin Airport Data Breach Exposes 3.8 Million Passengers
Dublin Airport has confirmed a significant data breach affecting potentially 3.8 million passengers who traveled through the Irish facility during August 2025, following a cyberattack on aviation technology supplier Collins Aerospace. The breach compromised boarding pass data for all…
Microsoft Teams Flaws Allowed Attackers to Fake Identities, Rewrite Chats
Microsoft Teams vulnerabilities let attackers impersonate users, edit chat history, and spoof calls before Microsoft issued security fixes in late 2025. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More Read the…
Former cybersecurity firm experts attempted to extort five U.S. companies in 2023 using BlackCat ransomware attacks
U.S. prosecutors charged three Florida men for using BlackCat ransomware to hack and extort five U.S. companies in 2023. U.S. prosecutors charged Ryan Clifford Goldberg, Kevin Tyler Martin, and another Florida-based accomplice (aka “Co-Conspirator 1”) for using BlackCat ransomware to…
Apple patches 50 security flaws—update now
Apple has patched nearly 50 security flaws across iPhones, Macs, Safari and more. Some could expose your data or let hackers in, so don’t wait to update. This article has been indexed from Malwarebytes Read the original article: Apple patches…
Nikkei Says 17,000 Impacted by Data Breach Stemming From Slack Account Hack
The Japanese media giant says compromised Slack credentials were used to steal employee and business partner information. The post Nikkei Says 17,000 Impacted by Data Breach Stemming From Slack Account Hack appeared first on SecurityWeek. This article has been indexed…
Why SOC Burnout Can Be Avoided: Practical Steps
Behind every alert is an analyst; tired eyes scanning dashboards, long nights spent on false positives, and the constant fear of missing something big. It’s no surprise that many SOCs face burnout before they face their next breach. But this…
U.S. Sanctions 10 North Korean Entities for Laundering $12.7M in Crypto and IT Fraud
The U.S. Treasury Department on Tuesday imposed sanctions against eight individuals and two entities within North Korea’s global financial network for laundering money for various illicit schemes, including cybercrime and information technology (IT) worker fraud. “North Korean state-sponsored hackers steal…
Mysterious ‘SmudgedSerpent’ Hackers Target U.S. Policy Experts Amid Iran–Israel Tensions
A never-before-seen threat activity cluster codenamed UNK_SmudgedSerpent has been attributed as behind a set of cyber attacks targeting academics and foreign policy experts between June and August 2025, coinciding with heightened geopolitical tensions between Iran and Israel. “UNK_SmudgedSerpent leveraged domestic…
CISA Alerts of Control Web Panel Command Injection Flaw Actively Exploited
The Cybersecurity and Infrastructure Security Agency has issued an urgent alert about a critical command-injection vulnerability in Control Web Panel that is currently being actively exploited in the wild. Tracked as CVE-2025-48703, this flaw poses a significant threat to organizations…
Zscaler Acquires SPLX for AI Security Boost
The integration introduces something new inside a familiar perimeter, a dedicated AI protection layer within Zscaler’s Zero Trust Exchange platform. The post Zscaler Acquires SPLX for AI Security Boost appeared first on TechRepublic. This article has been indexed from Security…