KryptoCibule malware uses Tor & Torrent sites to steal your cryptocurrency

By Sudais Asif The KryptoCibule malware also mines cryptocurrency on targeted devices. This is a post from HackRead.com Read the original post: KryptoCibule malware uses Tor & Torrent sites to steal your cryptocurrency...

Chrome extensions with 80 million+ users found engaging in ad fraud

By Sudais Asif Another day, another large scale ad fraud through Chrome extensions. This is a post from HackRead.com Read the original post: Chrome extensions with 80 million+ users found engaging in ad fraud...

Hackers used phone phishing on Twitter employee to access internal tools

By Waqas Twitter was hit by a phone spear-phishing attack on July 15th, 2020. This is a post from HackRead.com Read the original post: Hackers used phone phishing on Twitter employee to access internal tools...

How to Write a Resume for a Cybersecurity Position

By Owais Sultan Looking to secure a cybersecurity position? You need to have a solid resume. Find out how to do it here! This is a post from HackRead.com Read the original post: How to Write a Resume for a Cybersecurity Position...

Meet Utopia; a privacy focused decentralized P2P ecosystem

By Owais Sultan Utopia is one such platform which is also decentralized in line with the latest developments in the technological world. This is a post from HackRead.com Read the original post: Meet Utopia; a privacy focused decentralized P2P ecosystem...

Popular Android Zombie game phish users to steal Gmail credentials

By Waqas The app made its way to Google Play Store was also found phishing users for Facebook credentials. Scary Granny ZOMBY Mod: The Horror Game 2019 is the latest game on Google Play Store that is condemned by the digital security fraternity for sneakily stealing personal data from unsuspectin...

Crooks steal $28M in crypto using Google Adwords & spoofed domains

By Uzair Amir Authorities arrested six suspects including five males and one female in simultaneous raids carried out in a joint operation. The raids and subsequent arrests were carried out to trace $28 million worth of stolen Bitcoin. The raids were conducted as part of a 14-month long,...

WhatsApp Gold Scam is Back with Malware Payload

By Waqas In social media, the emergence of fake news and fake apps isn’t uncommon as thousands of these hoaxes keep circulating around the web to spread confusion among the users. Now, there is a new hoax doing the rounds and making headlines and it is called WhatsApp Gold Scam. Dubbed as WhatsAp...

Abine Blur Password Manager exposed data of 2.4M users

By Waqas The password manager exposed the data due to a misconfigured S3 bucket. The Blur privacy and password management service developer Abine has issued a security notice this Monday stating that a file containing important customer data was accidentally exposed to the internet. Originally, t...

These people don’t exist – They were created by tech using Artificial Intelligence

By Waqas Artificial intelligence is increasingly advanced and has entered more and more areas, even in the most unexpected and sensitive issues for society such as the world’s first AI lawyer Ross. Now, tech giant NVIDIA has developed a tool that uses Artificial Intelligence to create extremely...

400% increase in cryptomining malware attacks against iPhones

By Waqas It wouldn’t be wrong to state that Apple has become the apple of the eyes of cryptomining enthusiasts and cybercriminals. According to Check Point’s latest Global Threat Index, the company is being targeted more frequently in cryptomining malware attacks. The report discloses some...

Hackers illegally selling stolen Fortnite accounts & botnets on Instagram

By Waqas It is not happening on Dark Web but Instagram. Instagram has become much more than a platform to share your traveling, culinary, or fitness-related experiences, but a thriving portal for selling stolen accounts. Reportedly, hackers are using Instagram to sell access to botnets as well as...

Medical records & patient-doctor recordings of thousands of people exposed

By Carolina Another day, another trove of medical records leaked online, thanks to a misconfigured AWS S3 bucket. Medical records are considered to be sensitive documents and when a malicious third party has access to them it is a bad news as these records can be used for fraud, blackmailing and...

iKeyMonitor: A parental control app ensuring safety of your child

By Carolina Parents are raising a completely new breed of kids. Nowadays, toddlers use mobile devices and teens use text messages to communicate. Many schools have also integrated computers and tablets in their curriculum. To ensure children use the Internet safely, parents need a parental contro...

ICO hacked: Hackers steal $8 million from KICKICO Blockchain network

By Waqas Another day, another ICO hacked. This time, KICKICO, an Initial Coin Offering ICO project that lets users conduct ICOs, pre-ICOs, crowdfunding and crowdinvesting campaigns have suffered a security breach and as a result, hackers have stolen more than 70 million KickCoins which is around...

Identity theft protection firm LifeLock may have exposed user email addresses

By Waqas LifeLock, an Arizona-based identity theft protection firm may have exposed email addresses of millions of its customers - Simply put: A firm vowing to protect online identity of its customers may have exposed their identity to malicious hackers and cybercriminals. It happened due to a...

Hacker access critical code of British cell operator EE

By Waqas EE, a British mobile network giant owned by BT Group has This is a post from HackRead.com Read the original post: Hacker access critical code of British cell operator EE...

A bug stored Twitter passwords in plain text so change your password

By Carolina Twitter, the social network, and online news giant is sending notifications This is a post from HackRead.com Read the original post: A bug stored Twitter passwords in plain text so change your password...

Fake Bitcoin Wallet Apps Found on Google Play Store

By Uzair Amir After non-stop malware attacks, Android users have a couple of new This is a post from HackRead.com Read the original post: Fake Bitcoin Wallet Apps Found on Google Play Store...

Blockchain Wallet CoinPouch Hacked; Verge Coins Stolen

By Waqas Another day, another cryptocurrency wallet hacked This time; it This is a post from HackRead.com Read the original post: Blockchain Wallet CoinPouch Hacked; Verge Coins Stolen...

Mobile Pwn2Own: Hackers pwn iPhone, Huawei, Galaxy and Pixel Phone

By Waqas At the Mobile Pwn2Own competition 2017, white hat hackers managed This is a post from HackRead.com Read the original post: Mobile Pwn2Own: Hackers pwn iPhone, Huawei, Galaxy and Pixel Phone...

Researcher Identifies Bugs in Google’ Bug Tracker Program

By Uzair Amir A security researcher has identified bugs in Google’s bug tracker This is a post from HackRead.com Read the original post: Researcher Identifies Bugs in Google’ Bug Tracker Program...

Hotspot Shield VPN accused of redirecting user traffic to advertisers

By Waqas A renowned privacy group Center for Democracy Technology CDT has This is a post from HackRead.com Read the original post: Hotspot Shield VPN accused of redirecting user traffic to advertisers...

BTC-e exchange’ owner arrested over money laundering accusation

By Waqas A 38-year-old Russian citizen Alexander Vinnik who also happened to This is a post from HackRead.com Read the original post: BTC-e exchange owner arrested over money laundering accusation...

Pro-ISIS group hacks Ohio Governor’ site with anti-Trump message

By Waqas Team System DZ, a pro-ISIS Daesh hacking group from Algeria is back in the news. This time the group has targeted the government of United States and defaced several Ohio State websites including the official website of Governor John Kasich. The hackers left a deface page along with a...

Super Free Music Player Android App Comes with Malware Infection

By Ali Raza A music app in the Google Play Store called Super Free Music Player turns out to be yet another malware-infected app that Google has missed. So far, between 5,000 and 10,000 people have downloaded it. The app was uploaded to the Play Store on March 31 this year, which means that it wa...

Facebook Last Warning Phishing Scam Stealing Login, Credit Card Data

By Waqas Facebook is undoubtedly one of the most used social media networks with 1.86 billion monthly active users. Thats why its users are also under constant threat by hackers and cyber criminals. Recently, we discovered a phishing scam targeting Facebook users by tricking them into giving away...

Lazarus Group Uses npm Brandjacking Campaign to Target Developers

North Korean Lazarus Group targets npm developers with brandjacking packages that mimic trusted tools, drop malware and put credentials at risk...

Five Eyes Warns Chinese Spies Are Using Fake Job Ads to Target Military Staff

Five Eyes warns that Chinese spies are using fake job ads on LinkedIn, Indeed, and Upwork to target military staff and steal sensitive data...

Zero-Click pretalx XSS Flaw Lets Hackers Hijack Conference Organizer Accounts

pretalx XSS flaw lets attackers hijack conference organizer accounts, steal sessions, auto-accept talks, and demote admins. Patched in v2026.1.0...

Fake Word Phishing Reveals Enterprise Blind Spot in Trusted Remote Access Tools

Disclosure: This article was provided by ANY.RUN. The information and analysis presented are based on their research and findings...

Why Outdated Maintenance Software Is a Growing Ransomware Risk

Outdated maintenance software increases ransomware risk by exposing weak access controls, unpatched systems, and critical operational data to attackers...

UK’s ICO Fine LastPass £1.2 Million Over 2022 Security Breach

UK's ICO fines LastPass £1.2M for the 2022 data breach that exposed 1.6 million users’ data. Learn how a flaw in an employee's personal PC led to the massive security failure...

Cline Bot AI Agent Vulnerable to Data Theft and Code Execution

Mindgard reveals 4 critical security flaws in the popular Cline Bot AI coding agent. Learn how prompt injection can hijack the tool for API key theft and remote code execution...

How to Monetize Unity Apps: Best Practices

Unity is one of the most popular game engines for mobile and cross-platform app development. It powers millions…...

EchoLeak Zero-Click AI Attack in Microsoft Copilot Exposes Company Data

Aim Labs uncovers EchoLeak, a zero-click AI flaw in Microsoft 365 Copilot that allows data theft via email. Learn how this vulnerability enables sensitive information exfiltration without user interaction and its implications for AI security...

Backdoors in Python and NPM Packages Target Windows and Linux

Checkmarx uncovers cross-ecosystem attack: fake Python and NPM packages plant backdoor on Windows and Linux, enabling data theft plus remote control...

Zimbra CVE-2024-27443 XSS Flaw Hits 129K Servers, Sednit Suspected

A critical XSS vulnerability, CVE-2024-27443, in Zimbra Collaboration Suite's CalendarInvite feature is actively being exploited, potentially by the…...

ConnectWise ScreenConnect Tops List of Abused RATs in 2025 Attacks

Cofense Intelligence's May 2025 report exposes how cybercriminals are abusing legitimate Remote Access Tools RATs like ConnectWise and Splashtop to deliver malware and steal data. Learn about this growing threat...

UK Legal Aid Agency Hit by Cyberattack, Sensitive Data Stolen

The UK Legal Aid Agency has suffered a major cyberattack, with “significant” sensitive data, including criminal records, stolen.…...

ClickFix Scam: How to Protect Your Business Against This Evolving Threat

Cybercriminals aren’t always loud and obvious. Sometimes, they play it quiet and smart. One of the tricks of…...

Phishing Emails Impersonating Qantas Target Credit Card Info

Fake Qantas emails in a sophisticated phishing scam steal credit card and personal info from Australians, bypassing major…...

200+ Fake Retail Sites Used in New Wave of Subscription Scams

Bitdefender uncovers a massive surge in sophisticated subscription scams disguised as online shops and evolving mystery boxes. Learn…...

Planet Technology Industrial Switch Flaws Risk Full Takeover – Patch Now

Immersive security researchers discovered critical vulnerabilities in Planet Technology network management and switch products, allowing full device control.…...

Interlock Ransomware Say It Stole 20TB of DaVita Healthcare Data

Interlock ransomware group claims it stole 20TB of sensitive patient data from DaVita Healthcare. While the group has…...

Fake Alpine Quest Mapping App Spotted Spying on Russian Military

Fake Alpine Quest app laced with spyware was used to target Russian military Android devices, stealing location data,…...

BentoML Vulnerability Allows Remote Code Execution on AI Servers

TL;DR: A critical deserialization vulnerability CVSS 9.8 - CVE-2025-27520 in BentoML v1.3.8–1.4.2 lets attackers execute remote code without…...

Hacker Claims Breach of Check Point Cybersecurity Firm, Sells Access

Hacker claims breach of Israeli cybersecurity firm Check Point, offering network access and sensitive data for sale; company denies any recent incident...

Aussie Fintech Vroom Exposes Thousands of Records After AWS Misconfiguration

Cybersecurity researcher Jeremiah Fowler discovered a data exposure at Australian fintech Vroom by YouX, exposing 27,000 records, including driver's licenses, bank statements, and more...

Cloak Ransomware Hits Virginia Attorney General’s Office, Disrupts IT Systems

Cloak ransomware group claims attack on Virginia attorney general's office, demands ransom for stolen data. Investigation underway. Find out the impact and what's being done...