It has been reported that millions of PayPal accounts have been traded on underground forums, which has raised a new wave of alarm in the ever-evolving landscape of cybercrime. Using the moniker “Chucky_BF”, a hacker announcing the availability of…
NetScaler ADC/Gateway zero-day exploited by attackers (CVE-2025-7775)
Three new vulnerabilities affecting (Citrix) NetScaler application delivery controller (ADC) and Gateway devices have been made public, one of which (CVE-2025-7775) has been targeted in zero-day attacks. “Exploits of CVE-2025-7775 on unmitigated appliances have been observed,” Citrix has confirmed, and…
SpyCloud Consumer IDLink unifies fragmented identity exposures
SpyCloud released the Consumer IDLink solution, designed to help financial institutions and other consumer-facing organizations reduce risk and prevent fraud stemming from consumer identity exposures. Consumer IDLink, delivered via API, uses SpyCloud’s proprietary identity matching analytics to unify fragmented identity…
MixShell Malware Delivered via Contact Forms Targets U.S. Supply Chain Manufacturers
Cybersecurity researchers are calling attention to a sophisticated social engineering campaign that’s targeting supply chain-critical manufacturing companies with an in-memory malware dubbed MixShell. The activity has been codenamed ZipLine by Check Point Research. “Instead of sending unsolicited phishing emails, attackers…
IT Security News Hourly Summary 2025-08-26 15h : 5 posts
5 posts were published in the last hour 12:37 : AccuKnox Awarded Patent for Runtime Security of Kernel Events 12:37 : How to use Netdiscover to map and troubleshoot networks 12:6 : Aembit Extends Secretless CI/CD with Credential Lifecycle Management…
Study Reveals TikTok, Alibaba, Temu Collect Extensive User Data in America
Incogni finds top foreign apps downloaded in the US harvest names, locations, and emails, sharing them with third parties for ads and profiling. This article has been indexed from Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto Read…
PoC Exploit Published for Chrome 0-Day Already Under Active Attack
A proof-of-concept exploit for a high-severity Google Chrome zero-day vulnerability has been published publicly, less than three months after the flaw was first disclosed, amid reports of active in-the-wild exploitation. The vulnerability, tracked as CVE-2025-5419, stems from out-of-bounds reads and…
Microsoft Launches Tool to Migrate VMware VMs From vCenter to Hyper-V
Microsoft today announced the public preview of a new VM Conversion extension for Windows Admin Center, enabling IT administrators to migrate virtual machines from VMware vCenter to Hyper-V with minimal downtime. Available at no cost during its preview phase, the lightweight tool…
No, Grok 2.5 has not been open-sourced. Here’s how you can tell
Let’s read the fine print. This article has been indexed from Latest news Read the original article: No, Grok 2.5 has not been open-sourced. Here’s how you can tell
French Retailer Auchan Cyberattack – Thousands of Customers Personal Data Exposed
Major French retail chain Auchan announced on August 21, 2025, that it suffered a significant cybersecurity incident resulting in the unauthorized access and theft of personal data from “several hundred thousand” customer loyalty accounts. The breach represents another critical example…
WinRAR 0-Day Vulnerabilities Exploited in Wild by Hackers – Detailed Case Study
The cybersecurity landscape has been significantly impacted by the discovery and active exploitation of two critical zero-day vulnerabilities in WinRAR, one of the world’s most widely used file compression utilities. CVE-2025-6218 and CVE-2025-8088 represent sophisticated attack vectors that have enabled threat actors to…
PoC Exploit Released for Chrome 0-Day Vulnerability Exploited in the Wild
Google has disclosed a critical zero-day vulnerability in the V8 JavaScript engine used by Chrome, tracked as CVE-2025-5419. Before a patch could be rolled out to all users, proof-of-concept (PoC) exploit code had been published, and active exploitation had been…
OneFlip – New Attack Flips a Single Bit in Neural Networks for Stealthily Backdoor on AI Systems
In August 2025, researchers at George Mason University published a groundbreaking study at the 34th USENIX Security Symposium, introducing OneFlip, an inference-time backdoor attack that flips just one bit in full-precision neural networks to implant stealth triggers. Unlike traditional backdoor…
WhatsApp Desktop Users At Risk of Code Execution Attacks with Python on Windows PCs
WhatsApp Desktop users who have Python installed on their Windows PCs are at risk of arbitrary code execution due to a flaw in how the application handles Python archive files. A maliciously crafted .pyz file can be executed with a…
Cybersecurity Wake-Up Call: Why All Businesses Must Prepare for the Inevitable Attack
Cybersecurity has emerged as a critical and ongoing battle against a dynamic and pervasive global threat. The landscape is evolving rapidly, with adversaries increasingly gaining ground in this ongoing struggle…. The post Cybersecurity Wake-Up Call: Why All Businesses Must Prepare…
ShadowCaptcha Exploits WordPress Sites to Spread Ransomware, Info Stealers, and Crypto Miners
A new large-scale campaign has been observed exploiting over 100 compromised WordPress sites to direct site visitors to fake CAPTCHA verification pages that employ the ClickFix social engineering tactic to deliver information stealers, ransomware, and cryptocurrency miners. The large-scale cybercrime…
AI-Driven Trends in Endpoint Security: What the 2025 Gartner® Magic Quadrant™ Reveals
Cyber threats and attacks like ransomware continue to increase in volume and complexity with the endpoint typically being the most sought after and valued target. With the rapid expansion and adoption of AI, it is more critical than ever to…
AccuKnox Awarded Patent for Runtime Security of Kernel Events
Menlo Park, United States, 26th August 2025, CyberNewsWire This article has been indexed from Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto Read the original article: AccuKnox Awarded Patent for Runtime Security of Kernel Events
How to use Netdiscover to map and troubleshoot networks
<p>Network admins, security admins and support technicians need tools that quickly map the network infrastructure to display nodes, network devices and segment boundaries. Delivering continuously updated results, Netdiscover is an excellent and flexible option to uncover live hosts on a…
Aembit Extends Secretless CI/CD with Credential Lifecycle Management for GitLab
Silver Spring, USA / Maryland, 26th August 2025, CyberNewsWire This article has been indexed from Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto Read the original article: Aembit Extends Secretless CI/CD with Credential Lifecycle Management for GitLab
Beware! Fake Google Play Store Sites Used to Spread Android Malware
Cybersecurity researchers have identified a resurgence of SpyNote malware campaigns targeting Android users through sophisticated fake Google Play Store websites. The malicious actor behind these attacks has implemented new anti-analysis techniques and expanded their deceptive tactics since previous reports, demonstrating…
Data Blindness is the Silent Threat Undermining AI, Security and Operational Resilience
Data blindness is emerging as one of the biggest business risks of the AI era — without visibility, organizations can’t trust their data. The post Data Blindness is the Silent Threat Undermining AI, Security and Operational Resilience appeared first on…
New Android Hook Malware Variant Locks Devices With Ransomware
Zimperium’s research reveals the Hook Android malware is now a hybrid threat, using ransomware and spyware to steal… This article has been indexed from Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto Read the original article: New Android…
PhpSpreadsheet Library Vulnerability Lets Attackers Inject Malicious HTML Input
A critical Server-Side Request Forgery (SSRF) vulnerability has been discovered in the popular PhpSpreadsheet library, allowing attackers to inject malicious HTML input when processing spreadsheet documents. The vulnerability, assigned CVE-2025-54370, affects multiple versions of the phpoffice/phpspreadsheet package and carries a high severity rating with CVSS…