Fake GitHub Repos Caught Dropping Malware as PoCs AGAIN!
The backdoor dropped in the scam had the ability to exfiltrate a wide range of data, including the hostname, username, and a comprehensive list of…
Category: HackRead
The Malicious ChatGPT Alternative Empowering Cybercriminals
WormGPT is being offered for sale on a popular hacking forum, enabling malicious actors to exploit its capabilities for nefarious purposes. In a disconcerting development…
Teenagers Face Trial for Hacking BT, Nvidia, Rockstar Games, Revolut, Uber
One of the accused, 18-year-old Arion Kurtaj, has been referred to as highly competent and a genius by the prosecutors. Two UK teenagers are currently…
Fake TeamViewer Installer Used to Deliver njRAT Malware
The njRAT malware is a remote access trojan that can perform malicious activities such as keylogging, password stealing, data exfiltration, accessing webcams and microphones, and…
BreachForums’ Pompompurin Pleads Guilty to Holding Child Abuse Content
The court document described the disturbing content as “videos depicting prepubescent minors and minors who had not attained 12 years of age engaging in s**ually…
Flaws in Honeywell Experion DCS, Posing Risk to Critical Industries
These vulnerabilities, dubbed Crit.IX can allow unauthorized remote code execution on the Honeywell server and controllers’ legacy version. Security researchers at cybersecurity firm Armis and…
Fake THREADS App Climbed to Number 1 Spot on Apple Store in Europe
Apple has removed the fake THREADS app from the European App Store, ending its top position as the number 1 iOS app until July 11,…
Exploitable Flaws in QuickBlox Framework Expose Millions of User Records
In a joint research effort, Check Point Research (CPR) and Claroty Team82 found multiple security flaws in the QuickBlox framework. QuickBlox is a popular chat…
New Attack Drops LokiBot Malware Via Malicious Macros in Word Docs
The malware campaign, exploiting two known vulnerabilities including Follina, has been discovered by cybersecurity researchers at FortiGuard Labs. FortiGuard Labs recently uncovered a concerning discovery…
Chinese Group Storm-0558 Hacked European Govt Emails, Microsoft
Microsoft has recently uncovered a sophisticated intrusion campaign carried out by a China-based threat actor, identified as Storm-0558. This campaign successfully gained access to email…
Oxeye warns of SSRF Vulnerability in Owncast, SQL Injection Flaws in EaseProbe
Oxeye, a renowned provider of cloud-native application security platforms, has recently disclosed two significant security vulnerabilities affecting widely used open-source platforms. The vulnerabilities, discovered by…
Big Head Ransomware Found in Malvertising and Fake Windows Updates
When the fake Windows update UI is launched, the victim believes it to be a legitimate software update process where the progress increment percentage is…