OX Security reveals a new phishing campaign targeting GitHub developers. Scammers use fake OpenClaw token giveaways to trick users into connecting and draining their crypto wallets This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and…
Tag: EN
GoHarbor Issues Urgent Patch for Harbor Flaw Allowing Full Registry Compromise
A critical security flaw in GoHarbor’s Harbor container registry exposes organizations to severe supply chain attacks. Tracked as CVE-2026-4404, this vulnerability stems from hardcoded default credentials that remain active unless manually altered by an administrator. Harbor functions as an open-source,…
Mirai Botnets Evolve Into Major DDoS and Proxy Abuse Threats
Mirai-based botnets have evolved from simple IoT malware into large-scale DDoS and proxy abuse platforms that now underpin record-breaking attacks and stealthy cybercrime operations. In total, over 21,000 C2 servers were observed between July and December 2025, with a notable…
Five Malicious npm Packages Target Crypto Developers, Exfiltrate Wallet Keys via Telegram
The cryptocurrency development community is facing a serious supply chain threat after five malicious npm packages were discovered stealing private wallet keys and forwarding them directly to a Telegram bot. Published under the npm account “galedonovan,” these packages were crafted…
Russian Initial Access Broker Sentenced to Prison for Enabling Ransomware Attacks on U.S. Firms
Aleksei Volkov, a 26-year-old Russian national, has been sentenced to 81 months in federal prison for operating as an Initial Access Broker (IAB). His illicit activities directly enabled major cybercrime syndicates, including the notorious Yanluowang ransomware group, to compromise numerous…
Multiple TP-Link Vulnerabilities Allow Attackers to Execute Arbitrary Commands on System
TP-Link has recently issued a critical security advisory addressing multiple high-severity vulnerabilities impacting its Archer NX series routers. These flaws, which affect the Archer NX200, NX210, NX500, and NX600 models, expose devices to severe risks. If exploited, threat actors could…
Hackers Exploiting Magento to Execute Remote Code and Gain Complete Account Access
A critical unrestricted file upload vulnerability, dubbed “PolyShell,” is actively being exploited in Magento and Adobe Commerce stores. Discovered by the Sansec Forensics Team, this flaw allows unauthenticated attackers to execute remote code (RCE) and completely take over accounts. With…
RSAC 2026 Conference Announcements Summary (Day 2)
A summary of the announcements made by vendors on the second day of the RSAC 2026 Conference. The post RSAC 2026 Conference Announcements Summary (Day 2) appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…
Device Code Phishing Hits 340+ Microsoft 365 Orgs Across Five Countries via OAuth Abuse
Cybersecurity researchers are calling attention to an active device code phishing campaign that’s targeting Microsoft 365 identities across more than 340 organizations in the U.S., Canada, Australia, New Zealand, and Germany. The activity, per Huntress, was first spotted on February…
Russian Hacker Sentenced to 2 Years for TA551 Botnet-Driven Ransomware Attacks
The U.S. Department of Justice (DoJ) said a Russian national has been sentenced to two years in prison for managing a botnet that was used to launch ransomware attacks against U.S. companies. Ilya Angelov, 40, of Tolyatti, Russia, was also…
The Kill Chain Is Obsolete When Your AI Agent Is the Threat
In September 2025, Anthropic disclosed that a state-sponsored threat actor used an AI coding agent to execute an autonomous cyber espionage campaign against 30 global targets. The AI handled 80-90% of tactical operations on its own, performing reconnaissance, writing exploit…
US: FCC Bans Foreign-Made Routers Over National Security Concerns
The US Federal Communications Commission has placed all “consumer-grade” internet routers produced outside the US on its “covered list” This article has been indexed from www.infosecurity-magazine.com Read the original article: US: FCC Bans Foreign-Made Routers Over National Security Concerns
TeamPCP Backdoors LiteLLM via Trivy
TeamPCP, the group responsible for attacking Trivy and KICS, recently compromised the popular Python package litellm by releasing two malicious versions on PyPI. This article has been indexed from CyberMaterial Read the original article: TeamPCP Backdoors LiteLLM via Trivy
Dutch Finance Ministry Probes Breach
Dutch authorities are currently investigating a cyberattack on the Ministry of Finance after unauthorized access to several internal systems was discovered last week. This article has been indexed from CyberMaterial Read the original article: Dutch Finance Ministry Probes Breach
Lapsus$ Claims AstraZeneca Hack
The cybercriminal group Lapsus$ has allegedly breached the pharmaceutical giant AstraZeneca, claiming to have exfiltrated roughly 3GB of internal data. This article has been indexed from CyberMaterial Read the original article: Lapsus$ Claims AstraZeneca Hack
Kaplan Breach Exposes 230K Records
Kaplan is currently managing a major data breach that exposed the personal records of more than 230,000 individuals across multiple states. This article has been indexed from CyberMaterial Read the original article: Kaplan Breach Exposes 230K Records
FCC Bans Foreign Routers Over Risks
The FCC has announced a ban on the importation of new foreign-made consumer routers, citing severe risks to national security and critical infrastructure. This article has been indexed from CyberMaterial Read the original article: FCC Bans Foreign Routers Over Risks
2026 Cybersecurity Excellence Awards Winners Announced during RSA Conference as AI Security Dominates
San Francisco, USA, 25th March 2026, CyberNewswire This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the original article: 2026 Cybersecurity Excellence Awards Winners Announced during RSA Conference as AI Security Dominates
Mozilla Releases Firefox 149.0 With Free Built‑In VPN Offering 50 GB Monthly Data
Mozilla released Firefox 149.0 to the Release channel, bringing a significant set of privacy and security enhancements to the browser. The standout feature of this update is the integration of a free, built-in VPN designed to protect users on public…
FCC targets foreign router imports amid rising cybersecurity concerns
The FCC will ban new foreign-made routers in the U.S. over security risks, unless approved by DHS or defense authorities. The U.S. FCC announced a ban on importing new foreign-made consumer routers, citing unacceptable cyber and national security risks. The…