New SEO Poisoning Campaign Targeting IT Admins With Malware
Varonis reveals attackers are using SEO poisoning to trick IT admins into downloading malware, alongside a critical root access vulnerability in Azure’s AZNFS-mount utility affecting…
Category: HackRead
Phishing Attack Uses Blob URIs to Show Fake Login Pages in Your Browser
Cofense Intelligence reveals a novel phishing technique using blob URIs to create local fake login pages, bypassing email security and stealing credentials. Cybersecurity researchers at…
Legacy Login in Microsoft Entra ID Exploited to Breach Cloud Accounts
A flaw in Microsoft Entra ID’s legacy login allowed attackers to bypass MFA, targeting admin accounts across finance, healthcare, and tech sectors. Cybersecurity firm Guardz…
The Blueprint for Scalable Workflow Automation
Cloud-native applications offer scalable, automated workflows, intelligent data processing, and seamless deployments. However, many organizations still struggle to manage their workflows effectively. Beneath polished interfaces…
PowerSchool Paid Ransom, Now Hackers Target Teachers for More
PowerSchool paid ransom after a major data breach; now hackers are targeting teachers and schools with direct extortion threats for more payment. On December 28,…
LockBit’s Dark Web Domains Hacked, Internal Data and Wallets Leaked
LockBit’s dark web domains were hacked, exposing internal data, affiliate tools, and over 60,000 Bitcoin wallets in a major blow to the ransomware group. The…
Fake Crypto Exchange Ads on Facebook Spread Malware
Bitdefender exposes Facebook ad scams using fake crypto sites and celebrity lures to spread malware via malicious desktop clients and PowerShell scripts. A persistent malware…
Fake AI Tools Push New Noodlophile Stealer Through Facebook Ads
Scammers are using fake AI tools and Facebook ads to spread Noodlophile Stealer malware, targeting users with a multi-stage attack to steal credentials. Cybersecurity researchers…
ClickFunnels Investigates Breach After Hackers Leak Business Data
ClickFunnels is investigating a data breach after hackers leaked detailed business data, including emails, phone numbers, and company profiles. A hacking group calling itself “Satanic”…
Israeli NSO Group Fined $168M for Pegasus Spyware Attack on WhatsApp
US jury orders NSO Group to pay $168M to WhatsApp and Meta over Pegasus spyware use in 2019 hack. Meta calls it a major step…
SpyCloud Analysis Reveals 94% of Fortune 50 Companies Have Employee Data Exposed in Phishing Attacks
Austin, USA / Texas, May 7th, 2025, CyberNewsWire SpyCloud, the leading identity threat protection company, today released an analysis of nearly 6 million phished data…
Critical Langflow Vulnerability (CVE-2025-3248) Actively Exploited, Warns CISA
CISA warns of active exploitation of critical Langflow vulnerability (CVE-2025-3248). Critical RCE flaw allows full server takeover. Patch to version 1.3.0 now! In April 2025,…