GhostFrame phishing kit fuels widespread attacks against millions
GhostFrame is a new phishing-as-a-service (PhaaS) kit, tracked since September 2025, that has already powered more than a million phishing attacks. Threat analysts spotted a…
Latest Cybersecurity News — Page 1114
View all →
Ukrainian hacker charged with helping Russian hacktivist groups
U.S. prosecutors have charged a Ukrainian national for her role in cyberattacks targeting critical infrastructure worldwide, including U.S. water systems, election systems, and nuclear facilities,…
Windows PowerShell 0-Day Vulnerability Let Attackers Execute Malicious Code
Security update addressing a dangerous Windows PowerShell vulnerability that allows attackers to execute malicious code on affected systems. The vulnerability, tracked as CVE-2025-54100, was publicly…
High-Risk Ivanti EPM Vulnerability Opens Door to Admin Session Hijacking
A critical stored cross-site scripting (XSS) vulnerability in Ivanti Endpoint Manager (EPM) enables unauthenticated attackers to hijack administrator sessions by injecting malicious JavaScript into the…
How Attackers Exploit Cloud Misconfigurations Across AWS, AI Models, and Kubernetes
Dec 10, 2025The Hacker NewsCloud Security / Threat Detection Cloud security is changing. Attackers are no longer just breaking down the door; they are finding…
US Targets Russian-Backed Cyber Groups CARR, NoName057(16)
The U.S. Department of Justice has unveiled a series of actions against two Russian state-supported cyber collectives, CARR (also known as CyberArmyofRussia_Reborn or CyberArmyofRussia) and…
The ten key reforms that can close America’s cybersecurity gaps
For decades, the United States government and private sector have worked tirelessly to secure cyberspace, yet our nation remains frighteningly vulnerable to a litany of…
Threat Actors Weaponize ChatGPT and Grok Conversations to Deploy AMOS Stealer
Threat actors are now leveraging the trust users place in AI platforms like ChatGPT and Grok to distribute the Atomic macOS Stealer (AMOS). A new…
WinRAR Vulnerability CVE-2025-6218 Under Active Attack by Multiple Threat Groups
Dec 10, 2025Ravie LakshmananVulnerability / Malware The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a security flaw impacting the WinRAR file archiver…
Microsoft Outlook Vulnerability Let Attackers Execute Malicious Code Remotely
Microsoft has patched a critical remote code execution (RCE)vulnerability in Outlook that could allow attackers to execute malicious code on vulnerable systems. The flaw, tracked…
North Korean Hackers Exploit React2Shell Vulnerability in the Wild to Deploy EtherRAT
A novel, highly sophisticated malware strain targeting vulnerable React Server Components, signaling a significant evolution in how state-sponsored threat actors are exploiting the critical React2Shell…
Ukrainian Woman in US Custody for Aiding Russian NoName057 Hacker Group – Hackread – Cybersecurity News, Data Breaches, AI, and More
The US Justice Department has indicted Ukrainian national Victoria Eduardovna Dubranova, 33, also known as “Vika,” a.k.a. “Tory,” a.k.a. “SovaSonya,” for her alleged role in…