This week’s cyber stories show how fast the online world can turn risky. Hackers are sneaking malware into movie downloads, browser add-ons, and even software updates people trust. Tech giants and governments are racing to plug new holes while arguing…
Tag: EN
Critical Vulnerability in Multiple India-Based CCTV Cameras Let Attackers Video and Account Credentials
A severe security vulnerability affecting multiple India-based CCTV camera manufacturers has been disclosed. Potentially allowing attackers to access video feeds and steal account credentials without authentication. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an alert on December 9,…
New “SOAPwn” .NET Vulnerabilities Expose Barracuda, Ivanti and Microsoft Appliances to RCE Attack
New research into legacy .NET Framework SOAP client code has uncovered “SOAPwn,” a class of vulnerabilities. That can be weaponized for remote code execution (RCE) across multiple enterprise products. Including Barracuda Service Center RMM, Ivanti Endpoint Manager, Umbraco CMS 8,…
Hackers Leveraging LLM Shared Chats to Steal Your Passwords and Crypto
A new malware campaign has emerged that exploits legitimate AI platforms to deliver malicious code directly to unsuspecting users. Threat actors are using sponsored Google search results to redirect users searching for common macOS troubleshooting tips, such as “how to…
Charming Kitten Leak Exposes Key Personnel, Front Companies, and Thousands of Compromised Systems
Fresh leaks from the Iranian state‑backed group Charming Kitten, also tracked as APT35, have exposed key personnel, front companies, and thousands of compromised systems spread across five continents. The internal files show that Iran’s Department 40, within the IRGC Intelligence…
Researcher claims Salt Typhoon spies attended Cisco training scheme
Skills gained later fed Beijing’s cyber operations, according to SentinelLabs expert A security researcher specializing in tracking China threats claims two of Salt Typhoon’s members were former attendees of a training scheme run by Cisco.… This article has been indexed…
UK Cyber Agency says AI Prompt-injection Attacks May Persist for Years
The United Kingdom’s National Cyber Security Centre has issued a strong warning about a spreading weakness in artificial intelligence systems, stating that prompt-injection attacks may never be fully solved. The agency explained that this risk is tied to the…
Rising Prompt Injection Threats and How Users Can Stay Secure
The generative AI revolution is reshaping the foundations of modern work in an age when organizations are increasingly relying on large language models like ChatGPT and Claude to speed up research, synthesize complex information, and interpret extensive data sets…
Hamas-Affiliated Ashen Lepus Targets Middle Eastern Diplomatic Entities With New AshTag Malware Suite
Hamas-affiliated threat actor Ashen Lepus (aka WIRTE) is conducting espionage with its new AshTag malware suite against Middle Eastern government entities. The post Hamas-Affiliated Ashen Lepus Targets Middle Eastern Diplomatic Entities With New AshTag Malware Suite appeared first on Unit…
Amazon To Pay €511m To Settle Italian Tax Probe
Amazon to pay millions in deal with Italian tax authorities, as it faces ongoing criminal probe into tax avoidance involving Chinese goods This article has been indexed from Silicon UK Read the original article: Amazon To Pay €511m To Settle…
Oracle Shares Sink On Debt Concerns
Oracle shares sag more than 11 percent in after-hours trading on concerns that its AI data centre debt pile could present risks This article has been indexed from Silicon UK Read the original article: Oracle Shares Sink On Debt Concerns
Google ‘Faces EU Fine’ Unless It Makes App Store Changes
Google reportedly faces steep EU competition fine over restrictions Play Store places on developers’ communications with users This article has been indexed from Silicon UK Read the original article: Google ‘Faces EU Fine’ Unless It Makes App Store Changes
US State AGs Warn AI Firms Over ‘Delusional Outputs’
US state attorneys general warn AI companies that ‘delusional outputs’ from models risk breaking state laws, call for review mechanism This article has been indexed from Silicon UK Read the original article: US State AGs Warn AI Firms Over ‘Delusional…
CastleLoader Malware Now Uses Python Loader to Bypass Security
Cybersecurity researchers at Blackpoint Cyber discovered a new, evasive CastleLoader malware variant using Python and ClickFix social engineering to deliver RATs and info-stealers directly from memory. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI, and…
Top 10 Data Anonymization Solutions for 2026
Every business today has to deal with private information – whether it is about customers, employees, or financial… This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI, and More Read the original article: Top 10 Data…
Scammers Sent 40,000 E-Signature Phishing Emails to 6,000 Firms in Just 2 Weeks
Phishing campaign: Scammers sent over 40,000 spoofed SharePoint, DocuSign and e-sign emails to companies, hiding malicious links behind trusted redirect services. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI, and More Read the original article:…
How To Detect React2Shell Using Burp Suite (RCE CVSS 10.0)
Last week, we have reported that Unauthenticated RCE Found in React Server Components and Next.js (CVE-2025-55182 / CVE-2025-66478).… The post How To Detect React2Shell Using Burp Suite (RCE CVSS 10.0) appeared first on Hackers Online Club. This article has been…
Seeking symmetry during ATT&CK® season: How to harness today’s diverse analyst and tester landscape to paint a security masterpiece
Interpreting the vast cybersecurity vendor landscape through the lens of industry analysts and testing authorities can immensely enhance your cyber-resilience. This article has been indexed from WeLiveSecurity Read the original article: Seeking symmetry during ATT&CK® season: How to harness today’s…
Hunting for Mythic in network traffic
We analyze the network activity of the Mythic framework, focusing on agent-to-C2 communication, and use signature and behavioral analysis to create detection rules for Network Detection and Response (NDR) solutions. This article has been indexed from Securelist Read the original…
Coupang CEO Resigns Following Major Data Breach Exposing 34 Million Customers
South Korea’s largest online retailer, Coupang, has been rocked by a massive data breach that exposed the personal details of nearly 34 million customers, forcing CEO Park Dae-jun to resign amid mounting scrutiny from regulators and the public. The breach,…