Hackers have left a live Twitter/X credential‑stuffing botnet effectively unlocked, exposing its full command‑and‑control stack, worker fleet, and root passwords to anyone who knows where to look. The C2 runs on a Windows Server 2019 instance hosted by Hetzner in…
Omnistealer uses the blockchain to steal everything it can
This malware is coming for your password managers, saved logins, cloud storage, crypto wallets, and just about anything else it can reach. This article has been indexed from Malwarebytes Read the original article: Omnistealer uses the blockchain to steal everything…
How to Tell if An Email is Fake: Complete Verification Guide
Originally published at How to Tell if An Email is Fake: Complete Verification Guide by Levon Vardumyan. A fake email is an email that appears … The post How to Tell if An Email is Fake: Complete Verification Guide appeared…
Hackers Exploit Obsidian Plugin for Malware
A new cyber threat has emerged as hackers exploit the Shell Commands plugin in Obsidian, a popular note-taking application, to deliver a sophisticated malware chain. This article has been indexed from CyberMaterial Read the original article: Hackers Exploit Obsidian Plugin…
Hackers Target Okta with Vishing Attacks
Cybercriminals are shifting their tactics from traditional email phishing to more direct voice-based social engineering attacks, known as vishing, to infiltrate corporate systems. This article has been indexed from CyberMaterial Read the original article: Hackers Target Okta with Vishing Attacks
Booking.com Confirms Data Breach
Booking.com, a leading global travel booking platform, has confirmed a data breach involving unauthorized access to customer information. This article has been indexed from CyberMaterial Read the original article: Booking.com Confirms Data Breach
Janela RAT Spreads via Fake MSI Installers, Malicious Extensions
Janela Remote Access Trojan (RAT) campaign using fake Windows MSI installers and malicious browser extensions to infiltrate financial networks and exfiltrate sensitive data. The latest Janela RAT samples are being distributed through public GitLab repositories, where attackers host MSI installation files disguised as legitimate software installers.…
ShinyHunters claim the hack of Rockstar Games breach and started leaking data
Leak of 8.1GB data tied to Rockstar Games includes anti-cheat code, game data, analytics and more, reportedly exposed by ShinyHunters. An 8.1GB data leak reportedly linked to Rockstar Games has surfaced, with files shared by ShinyHunters after being obtained via…
16-31 March 2025 Cyber Attacks Timeline
The second half of March 2026 has been very active from an infosec standpoint, with 124 events and a threat landscape dominated by malware. As always, cyber crime led the motivations chart with 65%, slightly up from the previous timeline.…
Hackers Bypass Phishing Emails and Target Okta Identity Systems Instead
Cybercriminals are changing the way they break into organizations. Instead of sending malicious emails and waiting for someone to click a link, attackers are now picking up the phone and calling their way into corporate systems. This shift is one…
Hackers Weaponize Obsidian Shell Commands Plugin to Launch Cross-Platform Malware Attacks
Threat actors have found a clever way to abuse a trusted productivity tool to deliver malware. By weaponizing Obsidian’s Shell Commands community plugin, attackers are quietly executing malicious code on victims’ machines — all without exploiting a single software vulnerability.…
Binary Defense expands NightBeacon with threat-aligned Detection Coverage Index
Binary Defense has announced the launch of NightBeacon Detect, a new module within NightBeacon, the company’s AI-driven SOC platform. The first capability released is Detection Coverage Index, a confidence-based view of how well an organization is covered against specific threat…
Booking.com data breach: Customer reservation data exposed
“Unauthorized third parties may have been able to access certain booking information associated with your reservation,” email alerts sent out by Booking.com over the weekend warn. The online travel agency did not say which system(s) were accessed by the unauthorized…
DataVisor brings conversational AI agents to fraud and AML operations
DataVisor has announced Vera, a suite of conversational AI agents designed to combat financial crime. Vera enables institutions to manage risk using natural language, allowing teams to issue instructions that AI agents execute across the fraud and AML lifecycle. By…
Booking.com Confirms Data Breach as Hackers Access Customer Details
Booking.com confirms a data breach exposing customer details to hackers. No payment data accessed, but users face risk of targeted phishing scams now! This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the…
AI Codex Exploits Samsung TV Driver Flaw to Gain Root Access
A new experiment has shown how an AI coding assistant, Codex, can independently escalate privileges on a Samsung Smart TV by abusing dangerously exposed kernel drivers in Samsung’s KantS2 Tizen firmware. Working from an existing browser foothold, Codex chained together…
Critical etcd Vulnerability Allows Unauthorized Access to Sensitive Cluster APIs
An autonomous AI security agent developed by Strix has discovered a critical authentication bypass vulnerability in etcd, the widely used distributed key-value store that underpins countless backend systems worldwide. Tracked as CVE-2026-33413 and assigned a CVSS score of 8.8, this…
SAP Patches Critical ABAP Vulnerability
The company has released 19 new security notes addressing flaws in over a dozen enterprise products. The post SAP Patches Critical ABAP Vulnerability appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: SAP Patches…
GUEST ESSAY: Google’s 2029 deadline exposes readiness gap as move to quantum-safe crypto lags
For years, quantum risk was easy for most institutions to treat as premature: real in theory, urgent someday, but not yet an operational problem. That is no longer tenable. Related: AI spawns semantic attacks Two developments this month brought the…
Mirax Android RAT Turns Devices into SOCKS5 Proxies, Reaching 220,000 via Meta Ads
A nascent Android remote access trojan called Mirax has been observed actively targeting Spanish-speaking countries, with campaigns reaching more than 220,000 accounts on Facebook, Instagram, Messenger, and Threads through advertisements on Meta. “Mirax integrates advanced Remote Access Trojan (RAT) capabilities, allowing threat…
CISA Alerts on Exploited Microsoft Exchange and Windows CLFS Security Flaws
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a high-priority alert regarding two actively exploited security vulnerabilities in Microsoft products. Added to the Known Exploited Vulnerabilities (KEV) catalog on April 13, 2026, these flaws impact the Microsoft Windows Common…
The Hidden Threat: How Third-Party Vulnerabilities Affect Platforms Like OpenAI
In the fast-paced world of technology, even giants like OpenAI, Google, and Microsoft don’t build everything from scratch.… The post The Hidden Threat: How Third-Party Vulnerabilities Affect Platforms Like OpenAI appeared first on Hackers Online Club. This article has been…
How Hackers Are Thinking About AI
Interesting paper: “What hackers talk about when they talk about AI: Early-stage diffusion of a cybercrime innovation.” Abstract: The rapid expansion of artificial intelligence (AI) is raising concerns about its potential to transform cybercrime. Beyond empowering novice offenders, AI stands…
Hackers Use 108 Chrome Extensions to Steal User Data Through Shared C2 Infrastructure
A widespread cyber espionage campaign leveraging 108 malicious Google Chrome extensions. According to a recent report by Socket, these extensions are explicitly designed to steal sensitive user data and hijack active web sessions. The attackers manage this extensive operation through…