Chinese Hackers Exploit Cityworks 0-Day to Hit US Local Agencies
Cisco Talos warns of active exploitation of a zero-day vulnerability (CVE-2025-0994) in Cityworks supposedly by Chinese hackers from the UAT-6382 threat group. Learn about the…
Category: HackRead
Researchers Drop PoC for Fortinet CVE-2025-32756, Urging Quick Patching
Researchers have released PoC for CVE-2025-32756, a severe security flaw, that is actively being exploited in Fortinet products like FortiMail and FortiCamera. This stack-based buffer…
FBI Warns of Silent Ransom Group Targeting Law Firms via Scam Calls
The FBI has issued a warning to US law firms about a rising cyber threat targeting the legal sector. A group known as Silent Ransom…
Zimbra CVE-2024-27443 XSS Flaw Hits 129K Servers, Sednit Suspected
A critical XSS vulnerability, CVE-2024-27443, in Zimbra Collaboration Suite’s CalendarInvite feature is actively being exploited, potentially by the Sednit hacking group. Learn how this flaw…
SK Telecom Uncovers Two-Year Malware Attack, Leaking 26M IMSI Records
SK Telecom reveals malware intrusion that remained hidden for nearly two years, led to the leaking of 26.69 million IMSI units and 9.82 GB of…
BadSuccessor Exploits Windows Server 2025 Flaw for Full AD Takeover
Akamai researchers reveal a critical flaw in Windows Server 2025 dMSA feature that allows attackers to compromise any Active Directory user. Learn about the BadSuccessor…
ConnectWise ScreenConnect Tops List of Abused RATs in 2025 Attacks
A new report from Cofense Intelligence reveals a troubling trend in cyberattacks: criminals are increasingly hijacking legitimate Remote Access Tools (RATs) to infiltrate computer systems.…
Operation Endgame Takes Down DanaBot Malware, Neutralizes 300 Servers
In a major international operation coordinated by Europol and Eurojust, law enforcement agencies and private sector partners have successfully dismantled the DanaBot malware network. This…
Chrome 0-Day CVE-2025-4664 Exposes Windows, Linux Browser Activity
A newly disclosed vulnerability in Google Chrome and Chromium-based browsers is putting users at risk of data leaks. Tracked as CVE-2025-4664, the flaw allows attackers…
Coca-Cola, Bottling Partner Named in Separate Ransomware and Data Breach Claims
Coca-Cola and its bottling partner, Coca-Cola Europacific Partners (CCEP), are facing separate cyberattack claims from two distinct threat groups. The Everest ransomware gang says it…
270 Arrested in Global Crackdown on Dark Web Vendors
In one of the largest global law enforcement actions against dark web crime to date, authorities from ten countries have arrested 270 individuals involved in…
Database Leak Reveals 184 Million Infostealer-Harvested Emails and Passwords
Cybersecurity researcher Jeremiah Fowler discovered a misconfigured cloud server containing a massive 184 million login credentials, likely collected using infostealer malware. Cybersecurity researcher Jeremiah Fowler…