Former US Army soldier Cameron Wagenius pleads guilty to hacking telecom companies and extorting $1 million+ using cybercrime forums like BreachForums and XSS. This article has been indexed from Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto Read…
Tag: EN
Gmail Message Exploit Triggers Code Execution in Claude, Bypassing Protections
A cybersecurity researcher has demonstrated how a carefully crafted Gmail message can trigger code execution through Claude Desktop, Anthropic’s AI assistant application, highlighting a new class of vulnerabilities in AI-powered systems that don’t require traditional software flaws. The exploit leverages…
Dark Partners Hacker Group Drains Crypto Wallets Using Fake AI Tools and VPN Services
The financially driven organization known as Dark Partners has been planning massive cryptocurrency theft since at least May 2025, using a complex network of more than 250 malicious domains that pose as AI tools, VPN services, cryptocurrency wallets, and well-known…
NimDoor MacOS Malware Abuses Zoom SDK Updates to Steal Keychain Credentials
SentinelOne researchers have discovered NimDoor, a sophisticated MacOS malware campaign ascribed to North Korean-affiliated attackers, most likely the Stardust Chollima gang, in a notable increase in cyber threats targeting the bitcoin industry. Active since at least April 2025, NimDoor exploits…
Oracle Issues Critical Update Fixing 309 Vulnerabilities Across Products
Oracle Corporation released its July 2025 Critical Patch Update, addressing a substantial 309 security vulnerabilities across its extensive product portfolio. This quarterly security release represents one of the most comprehensive patches in recent years, affecting dozens of Oracle’s enterprise software…
Retailer Co-op: Attackers snatched all 6.5M member records
Supermarket announces white hat education scheme as four suspects released on bail Co-op Group’s chief executive officer has confirmed that all 6.5 million of the organization’s members had their data stolen during its April cyberattack – Scattered Spider is believed…
Google Says AI Agent Thwarted Exploitation of Critical Vulnerability
Google refused to share any details on how its Big Sleep AI foiled efforts to exploit a SQLite vulnerability in the wild. The post Google Says AI Agent Thwarted Exploitation of Critical Vulnerability appeared first on SecurityWeek. This article has…
New Attack Targeting Japanese Companies Exploiting Ivanti & Fortinet VPN Vulnerabilities
A sophisticated cyber espionage campaign has emerged targeting Japanese organizations through critical vulnerabilities in Ivanti Connect Secure and FortiGate VPN devices. The attack campaign, observed throughout fiscal year 2024, has primarily focused on manufacturing companies and government-related entities, with attackers…
Abacus Dark Web Market Possible Exit Scam with the Bitcoin Payments They Hold
Abacus Market, the largest Bitcoin-enabled Western darknet marketplace, has likely executed an exit scam after going offline in early July 2025, according to blockchain intelligence firm TRM Labs. The marketplace’s operators appear to have disappeared with users’ cryptocurrency funds, marking…
Hackers Use Polyglot Files to Bypass Email Filters to Deliver Malicious Emails
In the final week of June 2025 security teams across Russia’s healthcare and technology sectors began receiving an unusual flood of “routine” logistics and contract e-mails. Hidden behind familiar subject lines and legitimate sender addresses, the messages contained archives that…
Amazon warns 200 million Prime customers that scammers are after their login info
Amazon has emailed 200 million customers to warn them about a rather convincing phishing campaign. This article has been indexed from Malwarebytes Read the original article: Amazon warns 200 million Prime customers that scammers are after their login info
Konfety Android Malware Exploits ZIP Tricks to Masquerade as Legit Apps on Google Play
Security researchers from zLabs have discovered a more advanced version of the Konfety Android malware, which uses complex ZIP-level changes to avoid detection and mimic genuine apps on the Google Play Store, marking a dramatic increase in mobile dangers. This…
CVE-2025-6554 marks the fifth actively exploited Chrome Zero-Day patched by Google in 2025
Google released security patches to address multiple Chrome vulnerabilities, including one flaw that has been exploited in the wild. Google released fixes for six Chrome flaws, including one actively exploited in the wild tracked as CVE-2025-6558 (CVSS score of 8.8).…
Turbulence at Air Serbia, the latest airline under cyber siege
Attack enters day 11 and still no public disclosure of what insider claims to be ‘deep breach’ of Active Directory Exclusive Aviation insiders say Serbia’s national airline, Air Serbia, was forced to delay issuing payslips to staff as a result…
Talos IR ransomware engagements and the significance of timeliness in incident response
The decision between immediate action and delayed response made the difference between ransomware prevention and complete encryption in these two real-world Talos IR engagements. This article has been indexed from Cisco Talos Blog Read the original article: Talos IR ransomware…
Email Filters Defeated by Polyglot File Trick Used in Malware Campaigns
Attackers are increasingly using advanced disguising techniques, such polyglot files, to get around email filters and successfully send phishing payloads in the constantly changing world of cyber threats. These polyglot files, which can be interpreted as multiple file formats simultaneously,…
Does Your Organization Need Deepfake Defenses?
Picture this: you’re scrolling through your company’s social media feed, and suddenly a video shows your CEO endorsing a competitor’s product. It looks real. The voice, the gestures, the background—it’s all perfect. Or that same CEO calling you to urgently…
Best AI Deepfake and Scam Detection Tools for Security
Explore the best AI deepfake detection tools to spot fake videos, images, and audio. Compare real-time analysis, accuracy, and features for your needs. The post Best AI Deepfake and Scam Detection Tools for Security appeared first on eSecurity Planet. This…
Chinese authorities are using a new tool to hack seized phones and extract data
Researchers warned that Chinese residents, and visitors to China, should be aware of the tool’s existence and the risks it poses. This article has been indexed from Security News | TechCrunch Read the original article: Chinese authorities are using a…
Node.js Vulnerabilities Exposes Windows App to Path Traversal and HashDoS Attacks
The Node.js project has released critical security updates across multiple release lines to address two high-severity vulnerabilities affecting Windows applications and V8 engine implementations. Security releases are now available for Node.js versions 20.x, 22.x, and 24.x, with patches addressing a…