A new spy campaign by Mustang Panda uses fake US diplomatic briefings to target government officials. Discover how this silent surveillance operation works. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the…
Category: EN
Critical ASUSTOR NAS Security Flaw Enables Complete Device Takeover
A severe vulnerability affecting ASUSTOR Network Attached Storage (NAS) devices has been disclosed, potentially allowing unauthenticated attackers to seize full control of affected systems. Tracked as CVE-2026-24936, this critical flaw carries a CVSS v4.0 base score of 9.5, highlighting the urgency for…
PhantomVAI Custom Loader Abuses RunPE Utility to Launch Stealthy Attacks on Users
A new threat called PhantomVAI, a custom “loader” used to launch cyberattacks worldwide. A loader is a type of malicious software designed to secretly download and start other dangerous programs on a victim’s computer. What makes PhantomVAI special is that…
New AI-Powered Threat Allows Hackers to Gain AWS Admin Access in Minutes
A highly sophisticated offensive cloud operation targeting an AWS environment.The attack was notable for its extreme speed taking less than 10 minutes to go from initial entry to full administrative control and its heavy reliance on AI automation. The threat…
TP-Link Vulnerabilities Let Hackers Take Full Control of Devices
TP-Link has disclosed multiple critical authenticated command injection vulnerabilities affecting the Archer BE230 v1.2 Wi-Fi router, enabling attackers with administrative access to execute arbitrary commands and seize complete control of affected devices. Security researchers jro, caprinuxx, and sunshinefactory discovered nine…
Read All Jeffrey Epstein Files Here: The 2026 Public Disclosure
The U.S. Department of Justice (DOJ) has recently concluded a massive release of documents related to the investigations… The post Read All Jeffrey Epstein Files Here: The 2026 Public Disclosure appeared first on Hackers Online Club. This article has been…
Celebrating the 2025 Check Point Software EMEA Partner Award Winners — Recognizing Excellence Across the Region
Check Point® Software Technologies today announced the 2025 Check Point Software Technologies EMEA Partner Award Winners, recognizing outstanding partners across the region who continue to deliver AI‑powered, prevention‑first cyber security outcomes for customers. The winners were honoured during the Check…
Amaranth-Dragon: Targeted Cyber Espionage Campaigns Across Southeast Asia
Executive Summary Check Point Research uncovered highly targeted cyber espionage campaigns aimed at government and law enforcement agencies across the ASEAN region throughout 2025. The activity is attributed to Amaranth-Dragon, a previously untracked threat actor assessed to be closely linked…
Windows Shutdown Bug Spreads to Windows 10, Microsoft Confirms
Microsoft confirms a Windows bug preventing some PCs from shutting down or hibernating after January 2026 updates. A fix is still pending. The post Windows Shutdown Bug Spreads to Windows 10, Microsoft Confirms appeared first on TechRepublic. This article has…
Microsoft: Info-Stealing malware expands from Windows to macOS
Microsoft warns info-stealing attacks are expanding from Windows to macOS, using cross-platform languages like Python and abusing trusted platforms. Microsoft warns info-stealing attacks are rapidly expanding from Windows to macOS, using cross-platform languages like Python and abusing trusted platforms. Since…
GreyNoise tracks massive Citrix Gateway recon using 63K+ residential proxies and AWS
GreyNoise spotted a dual-mode Citrix Gateway recon campaign using 63K+ residential proxies and AWS to find login panels and enumerate versions. Between Jan 28 and Feb 2, 2026, GreyNoise tracked a coordinated reconnaissance campaign targeting Citrix ADC and NetScaler Gateways.…
Paris raid on X focuses on child abuse material allegations
French prosecutors raided X offices in Paris over illegal content; Elon Musk and CEO summoned for voluntary interviews in April. French prosecutors, with France’s National Gendarmerie and Europol support, raided the X offices in Paris in a criminal probe over…
US Declassifies Information on JUMPSEAT Spy Satellites
The US National Reconnaissance Office has declassified information about a fleet of spy satellites operating between 1971 and 2006. I’m actually impressed to see a declassification only two decades after decommission. This article has been indexed from Schneier on Security…
Defending Against AI-Powered Cyber Attacks: Why Your Blue Team Needs New Skills
AI-powered cyber attacks are outpacing traditional defenses. Learn the four key threat categories and the new skills blue teams need to defend against them. The post Defending Against AI-Powered Cyber Attacks: Why Your Blue Team Needs New Skills appeared first…
OT attacks surge as threat actors embrace cloud and AI, warns Forescout
Cyberattacks targeting operational technology (OT) environments rose sharply in 2025, according to new research from Forescout, highlighting growing risks to critical infrastructure as attackers adapt to cloud services, AI platforms and increasingly distributed attack infrastructure. Forescout’s 2025 Threat Roundup Report,…
Five Predictions for Cyber Security Trends in 2026
During a recent Threat Watch Live session, Adam Pilton challenged Morten Kjaersgaard, Heimdal’s Chairman and Founder, to predict three cyber security trends for 2026. Adam added his own predictions, drawing from this experience as a former cybercrime detective. Spoiler: Both Morten and Adam agreed that 2026 will bring a sharper focus…
CISA Warns of GitLab Community and Enterprise Editions SSRF Vulnerability Exploited in Attacks
A critical GitLab vulnerability has been added to the Known Exploited Vulnerabilities (KEV) catalog. Threat actors are actively exploiting a server-side request forgery (SSRF) flaw in GitLab Community and Enterprise editions. The vulnerability, tracked as CVE-2021-39935, poses significant risks to…
Threat Actors Abuse Microsoft & Google Platforms to Attack Enterprise Users
Enterprise security teams are facing a sophisticated new challenge as cybercriminals increasingly exploit trusted cloud platforms to launch phishing attacks. Instead of relying on suspicious newly registered domains, threat actors now host their malicious infrastructure on legitimate services like Microsoft…
ValleyRAT Mimic as LINE Installer Attacking Users to Steal Login Details
A sophisticated malware campaign has surfaced where threat actors are distributing the ValleyRAT backdoor disguised as a legitimate installer for the popular messaging application, LINE. This targeted attack primarily focuses on Chinese-speaking users, leveraging a deceptive executable to infiltrate systems…
Supply Chain Attack Abused Notepad++ Update Infrastructure to Deliver Targeted Malware
The developers of Notepad++ disclosed a critical security breach on February 2, 2026, affecting their update infrastructure. The popular text editor, widely used by developers worldwide, became the target of a sophisticated supply chain attack that remained undetected for several…