Hackers leak data of 10,000 VirtualMacOSX customers in alleged breach, exposing names, emails, passwords, and financial details on a hacking forum. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Report finds China and Russia may be coordinating ‘grey zone’ tactics against vulnerable western infrastructure. China and Russia are stepping up sabotage operations targeting undersea cables and the UK is unprepared to meet the mounting threat, according to new analysis. A report by the China Strategic Risks Institute (CSRI) analysed 12 incidents where national authorities … Read More “UK ‘woefully’ ill-protected against Chinese and Russian undersea cable sabotage – Data and computer security | The Guardian” »
Unity is one of the most popular game engines for mobile and cross-platform app development. It powers millions… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
A new malware campaign is exploiting a weakness in Discord’s invitation system to deliver an information stealer called Skuld and the AsyncRAT remote access trojan. “Attackers hijacked the links through vanity link registration, allowing them to silently redirect users from trusted sources to malicious servers,” Check Point said in a technical report. “The attackers combined … Read More “Discord Invite Link Hijacking Delivers AsyncRAT and Skuld Stealer Targeting Crypto Wallets – The Hacker News” »
Dutch police have announced that they have identified 126 individuals linked to the now dismantled Cracked.io cybercrime forum. Read more in my article on the Hot for Security blog. – Read More – Graham Cluley
Paris, France, 13th June 2025, CyberNewsWire – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Jen Easterly and Ciaran Martin called for a universal, vendor-neutral cyber threat actor naming system
Cybersecurity researchers are calling attention to a “large-scale campaign” that has been observed compromising legitimate websites with malicious JavaScript injections. According to Palo Alto Networks Unit 42, these malicious injects are obfuscated using JSFuck, which refers to an “esoteric and educational programming style” that uses only a limited set of characters to write and execute … Read More “Over 269,000 Websites Infected with JSFireTruck JavaScript Malware in One Month – The Hacker News” »
Relying too heavily on a US tech giant for your nation’s digital infrastructure is starting to feel a bit… well, risky. – Read More – Graham Cluley
Bert is a recently-discovered strain of ransomware that encrypts victims’ files and demands a payment for the decryption key. Read more in my article on the Fortra blog. – Read More – Graham Cluley
Late last year, security researchers made a startling discovery: Kremlin-backed disinformation campaigns were bypassing moderation on social media platforms by leveraging the same malicious advertising technology that powers a sprawling ecosystem of online hucksters and website hackers. A new report on the fallout from that investigation finds this dark ad tech industry is far more … Read More “Inside a Dark Adtech Empire Fed by Fake CAPTCHAs – Krebs on Security” »
In the world of cybersecurity, “zero-day” used to mean panic. Today, it still does—for those unprepared. But what if… The post Zero-Day Isn’t Zero Time: AI-Powered Threat Detection by CryptoBind appeared first on JISA Softech Pvt Ltd. – Read More – JISA Softech Pvt Ltd
This is the first forensic evidence that journalists’ devices have been infected with Paragon’s Graphite spyware
Introduction: Security at a Tipping Point. Security Operations Centers (SOCs) were built for a different era, one defined by perimeter-based thinking, known threats, and manageable alert volumes. But today’s threat landscape doesn’t play by those rules. The sheer volume of telemetry, overlapping tools, and automated alerts has pushed traditional SOCs to the edge. Security teams … Read More “CTEM is the New SOC: Shifting from Monitoring Alerts to Measuring Risk – The Hacker News” »
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday disclosed that ransomware actors are targeting unpatched SimpleHelp Remote Monitoring and Management (RMM) instances to compromise customers of an unnamed utility billing software provider. “This incident reflects a broader pattern of ransomware actors targeting organizations through unpatched versions of SimpleHelp … Read More “Ransomware Gangs Exploit Unpatched SimpleHelp Flaws to Target Victims with Double Extortion – The Hacker News” »
Swedish Prime Minister Ulf Kristersson says his country is under attack, after days of hard-hitting DDoS attacks against SVT Sweden’s public TV broadcaster, government websites, and other key organisations. – Read More – Graham Cluley
A CISA advisory urged all software vendors and downstream customers to check if they are impacted by unpatched versions of the SimpleHelp RMM tool
Researchers have found a flaw in Microsoft 365 Copilot that allows the exfiltration of sensitive corporate data with a simple email
Lucky Erasmus and a company insider installed software without authorisation on Ecentric’s systems which granted them remote access, enabling them to steal sensitive data and make unauthorised changes to senior managers’ passwords. Read more in my article on the Hot for Security blog. – Read More – Graham Cluley
Apple has disclosed that a now-patched security flaw present in its Messages app was actively exploited in the wild to target civil society members in sophisticated cyber attacks. The vulnerability, tracked as CVE-2025-43200, was addressed on February 10, 2025, as part of iOS 18.3.1, iPadOS 18.3.1, iPadOS 17.7.5, macOS Sequoia 15.3.1, macOS Sonoma 14.7.4, macOS … Read More “Apple Zero-Click Flaw in Messages Exploited to Spy on Journalists Using Paragon Spyware – The Hacker News” »
Today, CISA released Cybersecurity Advisory: Ransomware Actors Exploit Unpatched SimpleHelp Remote Monitoring and Management to Compromise Utility Billing Software Provider. This advisory is in response to ransomware actors targeting customers of a utility billing software provider through unpatched vulnerabilities in SimpleHelp Remote Monitoring and Management (RMM). This incident is part of a broader trend of … Read More “CISA Releases Cybersecurity Advisory on SimpleHelp RMM Vulnerability – All CISA Advisories” »
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.9 ATTENTION: Low attack complexity Vendor: AVEVA Equipment: PI Connector for CygNet Vulnerabilities: Cross-site Scripting, Improper Validation of Integrity Check Value 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to persist arbitrary code in the administrative portal of the product or cause a denial-of-service … Read More “AVEVA PI Connector for CygNet – All CISA Advisories” »
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens’ ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.3 ATTENTION: Low attack complexity … Read More “Siemens Tecnomatix Plant Simulation – All CISA Advisories” »
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 4.5 ATTENTION: Exploitable remotely Vendor: AVEVA Equipment: PI Web API Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to disable content security policy protections. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of AVEVA PI Web API are affected: PI … Read More “AVEVA PI Web API – All CISA Advisories” »
Recorded Future said on Thursday that it had linked Intellexa infrastructure to new locations, the latest indication that the Predator spyware maker has adapted after setbacks. The revelations from the company’s Insikt Group include identification of a previously unknown customer in Mozambique, a connection to a Czech entity and a cluster linked to an Eastern … Read More “Predator spyware activity surfaces in new places with new tricks – CyberScoop” »
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens’ ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack … Read More “Siemens SIMATIC S7-1500 CPU Family – All CISA Advisories” »
Summary: The Cybersecurity and Infrastructure Security Agency (CISA) is releasing this advisory in response to ransomware actors leveraging unpatched instances of a vulnerability in SimpleHelp Remote Monitoring and Management (RMM) to compromise customers of a utility billing software provider. This incident reflects a broader pattern of ransomware actors targeting organizations through unpatched versions of SimpleHelp … Read More “Ransomware Actors Exploit Unpatched SimpleHelp Remote Monitoring and Management to Compromise Utility Billing Software Provider – CISA Cybersecurity Advisories” »
The threat actors behind the VexTrio Viper Traffic Distribution Service (TDS) have been linked to other TDS services like Help TDS and Disposable TDS, indicating that the sophisticated cybercriminal operation is a sprawling enterprise of its own that’s designed to distribute malicious content. “VexTrio is a group of malicious adtech companies that distribute scams and … Read More “WordPress Sites Turned Weapon: How VexTrio and Affiliates Run a Global Scam Network – The Hacker News” »
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens’ ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.3 ATTENTION: Exploitable remotely/low attack … Read More “Siemens SCALANCE and RUGGEDCOM – All CISA Advisories” »
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens’ ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.1 ATTENTION: Exploitable remotely/low attack … Read More “Siemens SCALANCE and RUGGEDCOM – All CISA Advisories” »
CISA released ten Industrial Control Systems (ICS) advisories on June 12, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-162-01 Siemens Tecnomatix Plant Simulation ICSA-25-162-02 Siemens RUGGEDCOM APE1808 ICSA-25-162-03 Siemens SCALANCE and RUGGEDCOM ICSA-25-162-04 Siemens SCALANCE and RUGGEDCOM ICSA-25-162-05 Siemens SIMATIC S7-1500 CPU Family ICSA-25-162-06 Siemens Energy Services … Read More “CISA Releases Ten Industrial Control Systems Advisories – All CISA Advisories” »
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens’ ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.1 ATTENTION: Exploitable remotely/low attack … Read More “Siemens RUGGEDCOM APE1808 – All CISA Advisories” »
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens’ ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.5 ATTENTION: Exploitable remotely/low attack … Read More “Siemens Energy Services – All CISA Advisories” »
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: AVEVA Equipment: PI Data Archive Vulnerabilities: Uncaught Exception, Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could shut down necessary subsystems and cause a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of PI Data … Read More “AVEVA PI Data Archive – All CISA Advisories” »
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: ValueHD, PTZOptics, multiCAM Systems, SMTAV Equipment: Various pan-tilt-zoom cameras Vulnerabilities: Improper Authentication, Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’), Use of Hard-coded Credentials 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker … Read More “PTZOptics and Other Pan-Tilt-Zoom Cameras – All CISA Advisories” »
Cybersecurity researchers have discovered a novel attack technique called TokenBreak that can be used to bypass a large language model’s (LLM) safety and content moderation guardrails with just a single character change. “The TokenBreak attack targets a text classification model’s tokenization strategy to induce false negatives, leaving end targets vulnerable to attacks that the implemented … Read More “New TokenBreak Attack Bypasses AI Moderation with Single-Character Text Changes – The Hacker News” »
Researchers revealed Wednesday that they have confirmed Paragon spyware on an Apple product for the first time, on the phones of European journalists, amid an unfolding surveillance scandal in Italy. University of Toronto’s Citizen Lab published a report on its findings, which confirmed spyware on the phone of an Italian journalist named Ciro Pellegrino, following … Read More “Paragon spyware found on the phones of Euro journos – CyberScoop” »
The cybersecurity provider also implemented recent fixes in Chromium that affected its Prisma Access Browser
AI is changing everything — from how we code, to how we sell, to how we secure. But while most conversations focus on what AI can do, this one focuses on what AI can break — if you’re not paying attention. Behind every AI agent, chatbot, or automation script lies a growing number of non-human … Read More “AI Agents Run on Secret Accounts — Learn How to Secure Them in This Webinar – The Hacker News” »
Aim Labs uncovers EchoLeak, a zero-click AI flaw in Microsoft 365 Copilot that allows data theft via email. Learn how this vulnerability enables sensitive information exfiltration without user interaction and its implications for AI security. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Citizen Lab says it found ‘digital fingerprints’ of military-grade spyware that Italy has already admitted using against activists. The hacking mystery roiling the Italian prime minister Giorgia Meloni’s rightwing government is deepening after researchers said they found new evidence that two more journalists were targeted using the same military-grade spyware that Italy has admitted to … Read More “European journalists targeted with Paragon Solutions spyware, say researchers – Data and computer security | The Guardian” »
A BitSight report reveals over 40,000 internet-connected security cameras globally are exposed, streaming live footage without protection. Learn how common devices, from home cameras to factory surveillance, pose privacy and security risks and get simple tips to secure your own. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Human identities management and control is pretty well done with its set of dedicated tools, frameworks, and best practices. This is a very different world when it comes to Non-human identities also referred to as machine identities. GitGuardian’s end-to-end NHI security platform is here to close the gap. Enterprises are Losing Track of Their Machine … Read More “Non-Human Identities: How to Address the Expanding Security Risk – The Hacker News” »
A novel attack technique named EchoLeak has been characterized as a “zero-click” artificial intelligence (AI) vulnerability that allows bad actors to exfiltrate sensitive data from Microsoft 365 Copilot’s context sans any user interaction. The critical-rated vulnerability has been assigned the CVE identifier CVE-2025-32711 (CVSS score: 9.3). It requires no customer action and has been already … Read More “Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction – The Hacker News” »
The new NIST guidance sets out 19 example implementations of zero trust using commercial, off-the-shelf technologies
The spate of cyber attacks impacting the retail industry continues, with the latest victim being United Natural Foods (UNFI), which supplies organic produce to Whole Foods, Amazon, Target, and Walmart, amongst many others. Read more in my article on the Hot for Security blog. – Read More – Graham Cluley
Europol warns of “vicious circle” of data breaches and cybercrime
Erie Insurance reveals suspected network breach and ongoing outage
ConnectWise has disclosed that it’s planning to rotate the digital code signing certificates used to sign ScreenConnect, ConnectWise Automate, and ConnectWise remote monitoring and management (RMM) executables due to security concerns. The company said it’s doing so “due to concerns raised by a third-party researcher about how ScreenConnect handled certain configuration data in earlier versions. … Read More “ConnectWise to Rotate ScreenConnect Code Signing Certificates Due to Security Risks – The Hacker News” »