Latest Cybersecurity Threats

Real-time threat intelligence from trusted sources

A Romanian man was sentenced to 56 months in federal prison for hacking into a computer network used by the Oregon state government. This incident was part of a broader series of cyberattacks that targeted multiple victims across the United States. The hacker's activities included unauthorized access to sensitive governmental information, which raises concerns about the security of public sector networks. Such breaches can compromise not only data integrity but also the trust of citizens in their government. The case serves as a reminder of the ongoing risks posed by cybercriminals, particularly those operating from abroad.

Impact: Oregon state government computer network
Remediation: N/A
Read Original

Edamame, a startup based in France, has launched a new platform designed to monitor AI coding agents for potential issues like 'intent drift,' which refers to a deviation from their intended programming. The platform uses host telemetry and AI analysis to detect problems in real time, including secret theft and supply-chain attacks. This is significant as it addresses the growing concern over how AI systems can behave unpredictably and pose risks to software integrity and data security. By implementing such a system, companies can better protect their applications and sensitive information from malicious activities. This innovation could be crucial for organizations relying on AI-driven coding agents to ensure they operate safely and as intended.

Impact: AI coding agents, software applications using AI
Remediation: N/A
Read Original

Microsoft has raised concerns about the recent disclosure of several unpatched security vulnerabilities without prior notice. The company stated that these uncoordinated disclosures could put customers at significant risk by exposing them to potential attacks. This situation affects users of Microsoft's products, as they may not be aware of the vulnerabilities or have the necessary patches to protect their systems. The lack of coordinated communication from researchers or security firms can lead to confusion and increased vulnerability. Microsoft urges that such disclosures be handled responsibly to ensure that users are adequately protected and informed.

Impact: Microsoft products, specifically Windows and associated software.
Remediation: Microsoft recommends that users keep their systems updated with the latest patches and security updates.
Read Original

A recently discovered security vulnerability in Gitea, a popular self-hosted Git service, has put around 30,000 deployments at risk. The flaw allows attackers to access private container images, which can lead to the exposure of sensitive information such as source code and user credentials. This vulnerability affects organizations that rely on Gitea for their development workflows, making it crucial for them to act swiftly to secure their systems. The situation raises concerns about the security of self-hosted services and the potential for misuse of exposed data. Companies using Gitea should prioritize patching their installations to mitigate this risk.

Impact: Gitea deployments, private container images
Remediation: Users should patch their Gitea installations to the latest version to address the vulnerability.
Read Original

Carnival Corporation has confirmed a significant data breach that has impacted nearly 6 million individuals. The breach was linked to the ShinyHunters extortion gang, which claimed responsibility for the incident back in April 2026. The compromised data may include sensitive information, though specific details about what was leaked have not been disclosed. This incident raises concerns about the security of personal information within the cruise industry and the potential for identity theft among affected individuals. Carnival has stated that they are investigating the breach and will take necessary steps to enhance their cybersecurity measures moving forward.

Impact: Nearly 6 million individuals affected; specific data types not disclosed.
Remediation: Investigation ongoing; Carnival to enhance cybersecurity measures.
Read Original

A new cyber campaign has emerged, targeting cryptocurrency firms through deceptive recruitment tactics and custom malware designed for macOS systems. Researchers from Wiz have identified this threat actor, known as JINX-0164, which employs social engineering to lure victims into downloading malicious software. The malware is tailored to exploit continuous integration and continuous deployment (CI/CD) infrastructures, increasing the risk of digital asset theft for affected organizations. As cryptocurrency firms often handle significant amounts of valuable digital assets, these attacks could lead to substantial financial losses and damage to their reputations. Companies in the crypto space need to be vigilant and enhance their security measures to protect against these sophisticated threats.

Impact: Cryptocurrency firms, macOS systems, CI/CD infrastructure
Remediation: Companies should implement stronger security protocols, conduct employee training to recognize social engineering attacks, and monitor their CI/CD environments for unusual activity.
Read Original

A recent study by Mysterium VPN revealed that an astonishing 19.6 billion files are publicly accessible on the internet due to misconfigured cloud storage buckets. Among these files, there are around 685,000 credential files and nearly 1 million database dumps. This situation exposes sensitive information and undermines the common belief that data stored with companies is secure. The findings raise significant concerns about data privacy and security, emphasizing that many organizations may not be adequately protecting their data. It’s crucial for companies to review their cloud configurations to prevent unauthorized access to sensitive information.

Impact: Cloud storage services, sensitive data files, credential files, database dumps
Remediation: Companies should review and secure their cloud storage configurations to prevent unauthorized access.
Read Original

A 35-year-old man from Buren, Netherlands, has been arrested by the Dutch National Police for hacking into AFC Ajax's computer systems. The investigation began after the football club discovered that its systems had been accessed without authorization, leading to the exposure of personal records for approximately 300,000 fans. The suspect is believed to have gained unauthorized access multiple times. This incident raises concerns about the security of fan data in sports organizations and the potential risks associated with such breaches. As data privacy becomes increasingly important, this case underscores the need for sports clubs to enhance their cybersecurity measures to protect sensitive information.

Impact: AFC Ajax fan records, personal data of approximately 300,000 fans
Remediation: N/A
Read Original

Despite the growing concerns around cybersecurity, a recent survey of Chief Information Security Officers (CISOs) in northern Europe found that most are not experiencing a significant increase in cyberattacks compared to two years ago. This suggests that while the threat of cyber incidents remains, the situation for many organizations has stabilized. The findings indicate that companies have likely adapted their defenses and strategies against potential attacks, even with the rise of artificial intelligence in cyber operations. Understanding this trend is important for businesses as it helps inform their security postures and resource allocations. Overall, the report provides a snapshot of the current state of cybersecurity in northern Europe, demonstrating resilience in the face of evolving threats.

Impact: N/A
Remediation: N/A
Read Original

Recent research has uncovered a long-running cybercrime operation targeting fans of pirated books, movies, and TV shows. In 2026, experts identified new websites associated with this gang, attracting tens of millions of visitors. These sites have been linked to malware distribution, including a Remote Access Trojan (RAT) that allows attackers to control infected devices. This situation poses significant risks for users who access these pirated materials, as they may unknowingly download harmful software. It's crucial for consumers to be aware of these dangers and consider the security implications of engaging with pirated content.

Impact: Users accessing pirated books, movies, and TV shows; malware including Remote Access Trojans (RATs)
Remediation: Users should avoid accessing pirated content, use security software, and keep their devices updated.
Read Original

The FBI has issued a warning to law firms about a new tactic being used by the Silent Ransom Group (SRG) to steal sensitive data. These attackers are impersonating IT support staff and reaching out to victims through phone calls or phishing emails, aiming to gain access to their systems via remote desktop sessions. This method is particularly concerning for law firms, which often handle confidential information. If successful, these attacks could lead to significant data breaches, putting client information at risk. The FBI emphasizes the need for firms to be vigilant and to verify the identity of anyone requesting remote access to their systems.

Impact: Law firms, sensitive client data
Remediation: Verify the identity of anyone requesting remote access; implement training for staff on recognizing phishing attempts.
Read Original

OpenAI has announced plans to enhance cybersecurity measures to protect against election interference in the upcoming 2026 midterms. This initiative builds on efforts from major tech companies in 2024 aimed at tackling the challenges posed by artificial intelligence in election processes. The focus is on preventing the manipulation of information and safeguarding the integrity of elections, especially as AI technology continues to evolve. This is significant as it demonstrates a proactive approach to a growing concern over how technology can influence democratic processes and public opinion. The collaboration with other tech firms suggests a concerted effort to address these threats before they manifest in future elections.

Impact: N/A
Remediation: N/A
Read Original

The FBI has issued a warning about the Silent Ransom Group, a ransomware gang that is now physically infiltrating law firms to steal sensitive data. This group employs social engineering tactics to gain access to servers and databases, making them a significant threat to legal practices. Their actions can lead to severe data breaches, putting client information at risk and potentially harming the reputation of affected law firms. As legal firms often handle confidential information, the implications of such breaches could be far-reaching, affecting clients and the firms' operations. It's crucial for law firms to strengthen their cybersecurity measures to defend against this emerging threat.

Impact: Law firms, servers, databases
Remediation: Law firms should enhance cybersecurity protocols, conduct employee training on social engineering, and implement stricter access controls.
Read Original
Iran’s Nimbus Manticore Used Trojanized Zoom Installers Against US Firms

Hackread – Cybersecurity News, Data Breaches, AI and More

Actively Exploited

Iran's Nimbus Manticore hacking group has been targeting US companies by distributing trojanized installers of Zoom, a popular video conferencing software. This malicious tactic is part of a broader cyber campaign linked to the Iranian Revolutionary Guard Corps (IRGC). By disguising malware within legitimate software, the attackers aim to infiltrate and compromise sensitive networks of various firms. This incident raises significant concerns about the security of widely used applications and highlights the potential risks associated with downloading software from unverified sources. Companies should be vigilant and ensure their software is obtained from trusted platforms to avoid falling victim to similar attacks.

Impact: Zoom application, US firms
Remediation: Users should only download software from official sources, verify digital signatures, and maintain up-to-date antivirus software.
Read Original

In a recent speech, the UK's chief of cyberspying warned that Russia is increasing its aggressive activities in a 'gray zone' that doesn't quite reach the level of war. This reflects ongoing concerns among intelligence experts about Russia's tactics, which may include cyber operations and disinformation campaigns aimed at destabilizing countries without triggering direct military conflict. The chief emphasized the role of artificial intelligence in these operations, describing it as an 'unstoppable force' that could amplify Russia's capabilities in this area. This warning serves as a reminder for nations to remain vigilant and prepared for potential cyber threats that could disrupt security and stability. The implications of these developments are significant, as they suggest a shift in how conflicts may be waged in the future, particularly with non-traditional warfare tactics.

Impact: N/A
Remediation: N/A
Read Original
Page 1 of 217Next