Hack Read

New York, New York, 13th November 2025, CyberNewsWire

Singapore, Singapore, 13th November 2025, CyberNewsWire

AI security firm Mindgard discovered a flaw in OpenAI’s Sora 2 model, forcing the video generator to leak…

Old DarkComet RAT spyware is back, hiding inside fake Bitcoin wallets and trading apps to steal credentials via keylogging.

North Korea-linked KONNI hackers used KakaoTalk and Google Find Hub to spy on victims and remotely wipe Android devices in a targeted phishing campaign.

If you manage Facebook advertising for a small or medium-sized business, open your inbox with suspicion, because attackers…

In 2025, account takeover (ATO) attacks are a significant – and growing – cybersecurity threat, especially in the…

Cl0p ransomware lists NHS UK as a victim days after The Washington Post confirms a major Oracle E-Business breach linked to CVE-2025-61882.

Have I Been Pwned (HIBP), the popular breach notification service, has added another massive dataset to its platform.…

Veracode Threat Research exposed a targeted typosquatting attack on npm, where the malicious package @acitons/artifact stole GitHub tokens. Learn how this supply chain failure threatened the GitHub organisation's code.

Cisco’s new research shows that open-weight AI models, while driving innovation, face serious security risks as multi-turn attacks, including conversational persistence, can bypass safeguards and expose data.

Intel, the leading computer chip maker, has filed a lawsuit seeking at least $250,000 in damages from a…

Unit 42 discovered LANDFALL, commercial-grade Android spyware, which used a hidden image vulnerability (CVE-2025-21042) to remotely spy on Samsung Galaxy users via WhatsApp. Update your phone now.

In an era where digital ecosystems extend far beyond a company’s internal network, enterprise cybersecurity is no longer…

Menlo Park, CA, USA, 10th November 2025, CyberNewsWire

Monsta FTP users must update now! A critical pre-authentication flaw (CVE-2025-34299) allows hackers to fully take over web servers. Patch to version 2.11.3 immediately.

The FBI has issued a federal subpoena to domain registrar Tucows, demanding extensive billing and session records to unmask the anonymous operator of Archive.ph (Archive.is and Archive.today). The site, known for bypassing paywalls, is now the subject of an undisclosed criminal investigation.

Cybersecurity firm Sekoia reports a widespread fraud where criminals compromise hotel systems (Booking.com, Expedia and others) with PureRAT malware, then use stolen reservation data to phish and defraud guests.

Bolster AI reveals a new scam using a simple JS code via Emkei's Mailer to fake 37% profits and steal crypto. Act fast to secure your wallet.

Account takeover (ATO) attacks can devastate individuals and organisations, from personal profiles to enterprise systems. The financial impact…