Deeba Ahmed

1929 posts

Deeba is a veteran cybersecurity reporter at Hackread.com with over a decade of experience covering cybercrime, vulnerabilities, and security events. Her expertise and in-depth analysis make her a key contributor to the platform’s trusted coverage.

3 minute read

Five Eyes Warns Chinese Spies Are Using Fake Job Ads to Target Military Staff

Five Eyes warns that Chinese spies are using fake job ads on LinkedIn, Indeed, and Upwork to target military staff and steal sensitive data.

byDeeba Ahmed

June 4, 2026

2 minute read

Alcasec, “Robin Hood of Spanish Hackers,” Jailed for 31 Months Over Data Theft

Alcasec, the "Robin Hood of Spanish Hackers," is jailed for 31 months after admitting to stealing and selling Spanish citizens' banking data.

byDeeba Ahmed

June 3, 2026

3 minute read

Fake ChatGPT Desktop App Ads Used to Push Password-Stealing Malware

Fake ChatGPT desktop app ads pushed password-stealing malware by abusing trusted AI links, hiding from scanners, and tricking users into downloads.

byDeeba Ahmed

June 2, 2026

2 minute read

Hackers Abused Meta’s AI Support Bot to Hijack Major Instagram Accounts

Hackers abused Meta’s AI support bot to hijack major Instagram accounts, bypassing security checks as videos showed the flaw before Meta fixed the issue.

byDeeba Ahmed

June 2, 2026

Zero-Click pretalx XSS Flaw Lets Hackers Hijack Conference Organizer Accounts

3 minute read

Security

Zero-Click pretalx XSS Flaw Lets Hackers Hijack Conference Organizer Accounts

pretalx XSS flaw lets attackers hijack conference organizer accounts, steal sessions, auto-accept talks, and demote admins. Patched in v2026.1.0.

byDeeba Ahmed

June 1, 2026

4 minute read

Fake Purchase Order Emails Spread Fileless PureLogs Malware via RAR Archives

Hackers are using fake purchase order emails and process hollowing to deploy fileless PureLogs malware to steal Windows users' browser, crypto, and Discord data.

byDeeba Ahmed

June 1, 2026

2 minute read

27,000-Download Codex UI Tool Secretly Stole OpenAI Refresh Tokens

A malicious Codex UI npm package with 27,000 weekly downloads was caught exfiltrating OpenAI refresh tokens, exposing developers to account takeover risks.

byDeeba Ahmed

May 31, 2026

2 minute read

Fake Anthropic Sites Deliver Fileless Infostealer to Claude Code Users

Fake Anthropic websites are being used to target Claude Code users with a fileless infostealer campaign that steals browser credentials and evades detection.

byDeeba Ahmed

May 30, 2026

2 minute read

Iran’s Nimbus Manticore Used Trojanized Zoom Installers Against US Firms

Iran’s Nimbus Manticore hackers used trojanized Zoom installers to deploy malware against US firms during a wider IRGC linked cyber campaign.

byDeeba Ahmed

May 27, 2026

3 minute read

Trojanized Gemini and Claude Installers Target Developers Via SEO Poisoning

Cybercriminals are using SEO poisoning and fake Gemini and Claude installer sites to infect developers with fileless malware and steal data.

byDeeba Ahmed

May 26, 2026

The Latest

MDR Provider Comparison: Time to Discover and Respond to Threats

Meteor 3.0 Migration Helped Rocket.Chat Move Off End-of-Life Node.js Runtime

Gcore Helps Ucom Safeguard Public Live Broadcast Infrastructure During Armenia’s Parliamentary Elections

Nintendo America Employee Data Exposed After Shadowbyt3$ Targets TinyPulse

Deeba Ahmed

Five Eyes Warns Chinese Spies Are Using Fake Job Ads to Target Military Staff

Alcasec, “Robin Hood of Spanish Hackers,” Jailed for 31 Months Over Data Theft

Fake ChatGPT Desktop App Ads Used to Push Password-Stealing Malware

Hackers Abused Meta’s AI Support Bot to Hijack Major Instagram Accounts

Zero-Click pretalx XSS Flaw Lets Hackers Hijack Conference Organizer Accounts

Fake Purchase Order Emails Spread Fileless PureLogs Malware via RAR Archives

27,000-Download Codex UI Tool Secretly Stole OpenAI Refresh Tokens

Fake Anthropic Sites Deliver Fileless Infostealer to Claude Code Users

Iran’s Nimbus Manticore Used Trojanized Zoom Installers Against US Firms

Trojanized Gemini and Claude Installers Target Developers Via SEO Poisoning

Gcore Helps Ucom Safeguard Public Live Broadcast Infrastructure During Armenia’s Parliamentary Elections

eFAQ Publishes Investigation Into Alleged Scam Activity and Coordinated Reputation Attacks

SpyCloud Report Finds Phishing Attacks Surge as Employee Data Is Exposed at 86% of Fortune 100 Companies

Heimdal Survey: Executives Four Times More Confident About AI Risk Than the Teams Managing It

Aembit Extends IAM for Agentic AI to Microsoft Copilot Studio