Old Docker authorization bypass pops up despite previous patch
No one checked oversized requests While the previous authorization bypass was triggered when request Content-Length was set to 0, no one checked at the time…
Month: April 2026
The Phishing-as-a-Service Pipeline: How a Scalable Fraud Ecosystem Is Driving Global Attacks
Phishing is no longer a standalone tactic. It has matured into a service-based ecosystem where specialized actors provide each component of an attack lifecycle, from…
Huntress and Our Culture of BElonging
Building a strong company culture is a journey without a final destination. It’s a blend of different factors—programs, decisions, collective experiences, and behaviors—all shaping who…
Analysis of one billion CISA KEV remediation records exposes limits of human-scale security
Author: Saeed Abbasi, Senior Manager, Threat Research Unit, Qualys With Time-to-Exploit now at negative seven days and autonomous AI agents accelerating threats, the data no…
EngageSDK Vulnerability Exposes Millions of Crypto Wallet Users to Cyberattacks
A serious security flaw found inside a widely used Android library called EngageSDK has put over 30 million cryptocurrency wallet users at risk of financial…
Big Tech, Big Exposure: Data from Over 3.5 Million Accounts Handed to US Authorities
New research from digital privacy firm Proton has revealed the staggering scale of how Google, Apple, and Meta share user data with US government authorities,…
Anthropic’s Mythos Will Force a Cybersecurity Reckoning—Just Not the One You Think
Anthropic said this week that the debut of its new Claude Mythos Preview model marks a critical juncture in the evolution of cybersecurity, representing an…
EngageSDK Vulnerability puts millions of crypto wallets at risk
A newly disclosed vulnerability in the widely used Android library EngageSDK has raised serious concerns across the cryptocurrency ecosystem, potentially exposing millions of users to…
Why data protection matters more than ever in 2026
Data has become one of the most valuable assets for modern businesses, and in turn one of the most attractive targets for cyber criminals. Nearly…
Lazarus Hackers Register Real US LLCs to Spread Malware
Cybersecurity researchers at ReversingLabs have found a new scam targeting blockchain developers with fake job offers. Their research, shared with Hackread.com, reveals that hackers are…
Poisoned “Office 365” search results lead to stolen paychecks
A financially motivated hacking group is targeting Canadian employees with a sophisticated campaign designed to covertly redirect their salary payments into attacker-controlled bank accounts, Microsoft…
Fake Claude site installs malware that gives attackers access to your computer
Claude’s rapid growth—nearly 290 million web visits per month—has made it an attractive target for attackers, and this campaign shows how easy it is to…