PT-2025-40985

Name of the Vulnerable Software and Affected Versions Biobanking and Biomolecular Resources Negotiator version 3.15.2 Description A stored Cross-Site Scripting XSS issue exists due to insufficient validation of user-supplied data. A remote user can exploit this by sending a POST request with a...

EUVD-2023-26567

Malicious code in bioql PyPI...

Inside LockBit's Admin Panel Leak

Inside the LockBit's Admin Panel Leak: Affiliates, Victims and Millions in Crypto By Jambul Tologonov · June 12, 2025 Introduction On May 7, 2025, the LockBit admin panel was hacked by an anonymous actor who replaced their TOR website with the text ‘ Don’t do crime CRIME IS BAD xoxo from Prague ’...

How In-Person Meetings Fast-Tracked Our vPPA Negotiations in Europe

In-person interactions can build trust, foster collaboration, and achieve efficiency — especially for complex negotiations — even in the post-pandemic world...

LockBit Ransomware Claims 33 TB of US Federal Reserve Data for Ransom

LockBit ransomware claims to hold 33 TB of data from the US Federal Reserve for ransom. Hackread.com investigates, reaching out to CISA for comments on the breach and ongoing negotiations. Stay updated!...

CVE-2024-30397 Junos OS: An invalid certificate causes a Denial of Service in the Internet Key Exchange (IKE) process

An Improper Check for Unusual or Exceptional Conditions vulnerability in the the Public Key Infrastructure daemon pkid of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause Denial of Service DoS. The pkid is responsible for the certificate verification. Upon a failed...

CVE-2024-30397 Junos OS: An invalid certificate causes a Denial of Service in the Internet Key Exchange (IKE) process

An Improper Check for Unusual or Exceptional Conditions vulnerability in the the Public Key Infrastructure daemon pkid of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause Denial of Service DoS. The pkid is responsible for the certificate verification. Upon a failed...

Western Digital Confirms Customer Data Stolen by Hackers in March Breach

Digital storage giant Western Digital confirmed that an "unauthorized third party" gained access to its systems and stole personal information belonging to the company's online store customers. "This information included customer names, billing and shipping addresses, email addresses and telephon...

BlackCat (ALPHV) Gang Claims Ransomware Attack on NCR Data Center

By Deeba Ahmed BlackCat ransomware initially claimed responsibility for the ransomware attack on its dark web blog but later removed its post, indicating negotiations between the two parties. This is a post from HackRead.com Read the original post: BlackCat ALPHV Gang Claims Ransomware Attack on...

APT-C-36 Strikes Again: Blind Eagle Hackers Target Key Industries in Colombia

The threat actor known as Blind Eagle has been linked to a new campaign targeting various key industries in Colombia. The activity, which was detected by the BlackBerry Research and Intelligence Team on February 20, 2023, is also said to encompass Ecuador, Chile, and Spain, suggesting a slow...

K05263202: BIG-IP IPsec tunnel endpoint vulnerability CVE-2017-6156

Security Advisory Description When the BIG-IP system is configured with a wildcard IPsec tunnel endpoint, it may allow a remote attacker to disrupt or impersonate the tunnels that have completed phase 1 IPsec negotiations. The attacker must possess the necessary credentials to negotiate the phase...

Ransomware pushes City of Oakland into state of emergency

The ransomware attack that hit Oakland on Wednesday February 8, 2023 is still crippling many of the citys services a week later. In fact, the situation is so bad that the Interim City Administrator has now declared a state of emergency. Tweet announcing the state of emergency The ransomware attac...

Ransomware revenue significantly down over 2022

According to blockchain data platform Chainalysis, ransomware revenue "plummeted" from $765.6 in 2021 to at least $456.8 in 2022. The data is based on an analysis of the cryptocurrency addresses known to be controlled by ransomware attackers. Precision While the real numbers are likely much highe...

Are cybercriminals turning away from the US and targeting Europe instead?

Significant cyberattacks against critical targets in Europe have doubled in the past year, according to EU figures obtained by CNN. And with the announced pressure from the US against major ransomware gangs we can expect these figures to go up even more. Its also clear from recent attacks that th...

Ragnar Locker Gang Warns Victims Not to Call the FBI

All that the FBI/ransomware negotiators/investigators do is muck things up, so we’re going to publish your stuff if you call for help, the Ragnar Locker ransomware gang announced on its darknet data-leak site. In an announcement posted this week and seen by Bleeping Computer, the ransomware...

What’s Next for REvil’s Victims?

Last week, the servers of ransomware giant REvil vanished. Many applauded as dark-web and clear-web sites used to support the backend infrastructure of REvil, aka Sodinokibi, as well as to leak victims’ data, slipped offline early Tuesday morning. Not REvil’s victims, though. They’re now stuck,...

DoppelPaymer Gang Leaks Files from Illinois AG After Ransom Negotiations Break Down

The ransomware gang identified as DoppelPaymer has leaked a substantial collection of files from the Illinois Office of the Attorney General OAG on a server controlled by the cybercriminal group. The move came after ransom negotiations between the two parties broke down following a ransomware...

Hades Ransomware Gang Exhibits Connection to Hafnium

The Hades ransomware gang has several unique characteristics that set it apart from the rest of the pack, according to researchers – including potentially having more than extortion on the to-do list. The group appears to use multiple nation-state tools and techniques. The researchers said that i...

negotiations.com Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1137488 Security Researcher 4NCURZE Helped patch 1412 vulnerabilities Received 7 Coordinated Disclosure badges Received 12 recommendations , a holder of 7 badges for responsible and coordinated disclosure, found a security vulnerability affecting negotiations.com website a...

Tampa Bay Times hit with Ryuk ransomware attack

Florida newspaper The Tampa Bay Times suffered a Ryuk ransomware attack Thursday, making it the latest major victim of the notorious ransomware family that continues to rise in popularity. Curiously, the paper is at least the third Florida-based Ryuk victim in the past year. The attack, which The...