Living Security Unveils HRMCon 2025 Speakers as Report Finds Firms Detect Just 19% of Human Risk
Austin / TX, United States, 25th September 2025, CyberNewsWire
Hack Read
Vietnamese Hackers Use Fake Copyright Notices to Spread Lone None Stealer
New Lone None Stealer uses Telegram C2 and DLL side-loading to grab passwords, credit cards, and crypto. Find out how to spot this highly evasive phishing scam.
ForcedLeak Flaw in Salesforce Agentforce AI Agent Exposed CRM Data
Cybersecurity firm Noma Security reveals ForcedLeak, a critical flaw in Salesforce Agentforce that allowed data theft. Learn what companies need to do now to secure AI agents.
Critical CVSS 10 Flaw in GoAnywhere File Transfer Threatens 20,000 Systems
Urgent warning for Fortra GoAnywhere MFT users. A CVSS 10.0 deserialization vulnerability (CVE-2025-10035) in the License Servlet allows command injection. Patch to v7.8.4 immediately to prevent system takeover.
China-Linked Hackers Hit US Tech Firms with BRICKSTORM Malware
China-backed UNC5221 targets US legal and tech firms by deploying BRICKSTORM malware on neglected VMware and Linux/BSD appliances, Google's Mandiant reports.
Gcore Radar Report Reveals 41% Surge in DDoS Attack Volumes
Luxembourg, Luxembourg, 25th September 2025, CyberNewsWire
PSF Warns of Fake PyPI Login Site Stealing User Credentials
The Python Software Foundation (PSF) warns developers of phishing emails leading to a fake PyPI login site designed to steal account credentials.
ShadowV2 Botnet Uses Misconfigured AWS Docker for DDoS-For-Hire Service
Darktrace researchers have uncovered ShadowV2, a new botnet that operates as a DDoS-for-hire service by infecting misconfigured Docker containers on AWS cloud servers.
UK Arrest Made After Cyberattack Disrupts Major European Airports
UK police arrest man over cyberattack on Collins Aerospace that disrupted check-in at Heathrow, Berlin, Brussels and other airports.
Cloudflare Blocks Record 22.2 Tbps DDoS Attack
Cloudflare stopped a record 22.2 Tbps DDoS attack, showing how massive these threats have become and why strong DDoS attack protection is essential.
FBI Warns of Fake IC3 Websites Designed to Steal Personal Data
The FBI is warning internet users about fake versions of its official IC3 cybercrime reporting website. Learn how to spot these ‘spoofed’ sites, avoid scams where criminals impersonate agents, and protect your personal information by following the FBI’s crucial safety tips.
Microsoft Fixed Entra ID Vulnerability Allowing Global Admin Impersonation
Microsoft patched an Entra ID vulnerability that let attackers impersonate Global Admins across tenants, risking full Microsoft 365 and Azure takeover.
Defy Security Appoints Esteemed Cybersecurity Leader Gary Warzala to Its Board of Directors
Pittsburg, United States, 23rd September 2025, CyberNewsWire
Iranian Hackers Use Fake Job Lures to Breach Europe’s Critical Industries
New research from Check Point Research reveals the Iranian cyber group Nimbus Manticore is targeting defence, telecom, and aerospace companies in Europe with fake job offers. Learn how they use advanced malware to steal sensitive data.
SpyCloud Report: 2/3 Orgs Extremely Concerned About Identity Attacks Yet Major Blind Spots Persist
Austin, Texas, USA, 23rd September 2025, CyberNewsWire
Inc Ransomware Group Claims 5.7 TB Theft from Pennsylvania Attorney General’s Office
The Inc ransomware gang claims to have stolen 5.7 TB of data from the Pennsylvania Attorney General's office in an August 2025 attack. Find out how the breach unfolded, why government agencies are a top target, and what this means for citizens.
How Major SOCs Achieve Early Threat Detection in 3 Steps
Every SOC leader understands that faster threat detection is better. But the difference between knowing it and building…
Jeep and Dodge Parent Company Stellantis Confirms Customer Data Breach
Stellantis, parent of Jeep, Chrysler, Dodge and FIAT, confirms data breach through third-party vendor. Contact info exposed, financial data not affected.
Bitcoin continues to increase its institutional popularity
Not long ago, the mere idea that cryptocurrencies could ever be integrated into mainstream finance would have seemed…
Fake Ukrainian Police Emails Spread New CountLoader Malware Loader
A new malware loader, CountLoader, has been discovered by cybersecurity firm Silent Push. This threat is linked to prominent Russian ransomware gangs, including LockBit, BlackBasta, and Qilin, and is being used as an initial access broker.
