The financially motivated threat group Venom Spider, also tracked as TA4557, has shifted its focus to corporate Human Resources (HR) departments with a highly targeted spear-phishing operation. According to research by Arctic Wolf Labs, the group is leveraging legitimate job…
Hackers Exploit 21 Apps to Take Full Control of E-Commerce Servers
Cybersecurity firm Sansec has uncovered a sophisticated supply chain attack that has compromised 21 popular e-commerce applications, granting hackers full control over hundreds of online stores. This malicious campaign, which began with the injection of backdoors as early as six…
Hackers Weaponizing Pahalgam Attack Themed Decoys to Attack Indian Government Personnel
In a sophisticated cyber espionage campaign, threat actors are actively targeting Indian government personnel using decoy documents referencing the recent Pahalgam attack. The malicious campaign, discovered in early May 2025, utilizes spear-phishing emails with attachments designed to exploit recipients’ interest…
Kelly Associates Data Breach Exposes 410,000+ Users Personal Data
A data breach at Kelly & Associates Insurance Group (operating as Kelly Benefits) has exposed sensitive personal information of more than 410,000 individuals, significantly more than initially reported. The Maryland-based benefits administration and payroll solutions provider confirmed that cybercriminals infiltrated…
Ransomware Groups Allegedly Breach IT Networks, Stealing Data from UK Retailers
A notorious ransomware group dubbed DragonForce has claimed responsibility for a series of cyber attacks targeting major UK retailers, with Co-op now confirming a significant data breach affecting its membership database. The attacks, which also targeted Marks & Spencer and…
The AI chatbot cop squad is here (Lock and Code S06E09)
This week on the Lock and Code podcast, we speak with Emanuel Maiberg and Jason Koebler about Overwatch, an AI chatbot tool sold to US police. This article has been indexed from Malwarebytes Read the original article: The AI chatbot…
White House Proposal Slashes Half-Billion from CISA Budget
The proposed $491 million cut is being positioned as a “refocusing”of CISA on its core mission “while eliminating weaponization and waste.” The post White House Proposal Slashes Half-Billion from CISA Budget appeared first on SecurityWeek. This article has been indexed…
Microsoft Alerts Users About Password-spraying Attack
Microsoft alerts users about password-spraying attacks Microsoft has warned users about a new password-spraying attack by a hacking group Storm-1977 that targets cloud users. The Microsoft Threat Intelligence team reported a new warning after discovering threat actors are abusing unsecured…
Data Security Alert as Novel Exfiltration Method Emerges
Global cybersecurity experts are raising serious concerns over the newly identified cyber threat known as Data Splicing Attacks, which poses a significant threat to thousands of businesses worldwide. It seems that even the most advanced Data Loss Prevention (DLP) tools…
Brave Browser’s New ‘Cookiecrumbler’ Tool Aims to Eliminate Annoying Cookie Consent Pop-Ups
While the General Data Protection Regulation (GDPR) was introduced with noble intentions—to protect user privacy and control over personal data—its practical side effects have caused widespread frustration. For many internet users, GDPR has become synonymous with endless cookie consent…
⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors
What if attackers aren’t breaking in—they’re already inside, watching, and adapting? This week showed a sharp rise in stealth tactics built for long-term access and silent control. AI is being used to shape opinions. Malware is hiding inside software we…
5 Tips You Should Know before Developing an Innovative Product
Are you aiming to develop an innovative startup that will make a boom effect in the modern market?… This article has been indexed from Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto Read the original article: 5 Tips…
Chimera Malware: Outsmarting Antivirus, Firewalls, and Human Defenses
X Business, a small e-commerce store dealing in handmade home décor, became the latest victim of a devastating cyberattack orchestrated by a sophisticated malware strain known as Chimera. What begann as a routine inventory management system update spiraled into a…
Hackers Selling SS7 0-Day Exploit on Dark Web for $5,000
A newly discovered dark web listing claims to sell a critical SS7 protocol exploit for $5,000, raising alarms about global telecom security. The seller, operating under the alias “GatewayPhantom,” is marketing the 0-day vulnerability as a tool for SMS interception,…
LUMMAC.V2 Stealer Uses ClickFix Technique to Deceive Users into Executing Malicious Commands
The LUMMAC.V2 infostealer malware, also known as Lumma or Lummastealer, has emerged as a significant threat, employing the cunning “ClickFix” social engineering technique to compromise unsuspecting users. This malware, rewritten from C to C++ with an advanced binary morpher, targets…
⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors
What if attackers aren’t breaking in—they’re already inside, watching, and adapting? This week showed a sharp rise in stealth tactics built for long-term access and silent control. AI is being used to shape opinions. Malware is hiding inside software we…
Why Secure Document Management Matters Against Cybersecurity Threats
Cybersecurity threats aren’t just aimed at servers or customer databases. They also target a company’s most vital but… This article has been indexed from Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto Read the original article: Why Secure…
MediaTek Fixes Multiple Security Flaws in Smartphone, Tablet, and TV Chipsets
MediaTek, a leading provider of chipset technology for smartphones, tablets, AIoT, and smart TVs, has released critical patches addressing several security vulnerabilities across its product portfolio. The newly published MediaTek Product Security Bulletin details the flaws, their potential impacts, and…
Iranian Hackers Breaches Critical National Infrastructure With multiple Webshells & Backdoors
A sophisticated cyber intrusion targeting critical national infrastructure in the Middle East has been uncovered, with evidence pointing to an Iranian state-sponsored threat group. The attack, which persisted from May 2023 to February 2025, showcases advanced tactics and a concerning…
xAI Dev Leaked API Key on GitHub for Private SpaceX, Tesla & Twitter/X
A significant security lapse occurred at Elon Musk’s artificial intelligence company xAI, where a developer inadvertently leaked a private API key on GitHub that remained accessible for nearly two months. The exposed credentials provided unauthorized access to private large language…
MediaTek Patches Multiple Vulnerabilities Affecting Tablets, Smartphones & TV Chipsets
MediaTek has released critical security patches addressing six significant vulnerabilities affecting a wide range of devices powered by their chipsets. The vulnerabilities, disclosed in the company’s May 2025 Product Security Bulletin, impact smartphones, tablets, AIoT devices, smart displays, audio systems,…
Microsoft Shuts Down Skype After 23 Years, Urges Users to Switch to Teams
After more than two decades as a pioneer in internet-based calling and messaging, Skype has officially been retired by Microsoft as of May 5, 2025. The company is now urging all Skype users to migrate to Microsoft Teams, marking the…
⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors
What if attackers aren’t breaking in—they’re already inside, watching, and adapting? This week showed a sharp rise in stealth tactics built for long-term access and silent control. AI is being used to shape opinions. Malware is hiding inside software we…
xAI Developer Accidentally Leaks API Key Granting Access to SpaceX, Tesla, and X LLMs
An employee at Elon Musk’s artificial intelligence venture, xAI, inadvertently disclosed a sensitive API key on GitHub, potentially exposing proprietary large language models (LLMs) linked to SpaceX, Tesla, and Twitter/X. Cybersecurity specialists estimate the leak remained active for two months,…
Doppel Banks $35M for AI-Based Digital Risk Protection
The new investment values Doppel at $205 million and provides runway to meet enterprise demand for AI-powered threat detection tools. The post Doppel Banks $35M for AI-Based Digital Risk Protection appeared first on SecurityWeek. This article has been indexed from…
⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors
What if attackers aren’t breaking in—they’re already inside, watching, and adapting? This week showed a sharp rise in stealth tactics built for long-term access and silent control. AI is being used to shape opinions. Malware is hiding inside software we…
IT Security News Hourly Summary 2025-05-05 15h : 17 posts
17 posts were published in the last hour 13:2 : Skype Shuts Down Today (5 May), After 22 Years Of Service 13:2 : NCSC Warns UK Retailers After Spate Of Cyberattacks 13:2 : 7 ways to lock down your phone’s…