Cyber Attack

CISA Urges Action on Potential Oracle Cloud Credential Compromise

2 minute read

Security

CISA Urges Action on Potential Oracle Cloud Credential Compromise

Following reports of unauthorized access to a legacy Oracle cloud environment, CISA warns of potential credential compromise leading…

byDeeba Ahmed

April 17, 2025

2 minute read

Mass Ransomware Campaign Hits S3 Buckets Using Stolen AWS Keys

Researchers reveal a large-scale ransomware campaign leveraging over 1,200 stolen AWS access keys to encrypt S3 buckets. Learn…

byDeeba Ahmed

April 17, 2025

3 minute read

Hertz Confirms Data Breach After Hackers Stole Customer PII

Hertz confirms data breach linked to Cleo software flaw; Cl0p ransomware group leaked stolen data, exposing names, driver’s…

byDeeba Ahmed

April 16, 2025

2 minute read

4chan Breached? Hacker from Rival Soyjak Forum Claims Source Code Leak

UPDATE: Hackread.com has reviewed internal Discord chat logs from 4chan's Discord server, which confirm the breach.

byWaqas

April 15, 2025

Fake PDFCandy Websites Spread Malware via Google Ads

2 minute read

Fake PDFCandy File Converter Websites Spread Malware

CloudSEK uncovers a sophisticated malware campaign where attackers impersonate PDFCandy.com to distribute the ArechClient2 information stealer. Learn how…

byDeeba Ahmed

April 15, 2025

3 minute read

Pre-Installed Malware on Cheap Android Phones Steals Crypto via Fake WhatsApp

Cheap Android phones with preinstalled malware use fake apps like WhatsApp to hijack crypto transactions and steal wallet recovery phrases.

byWaqas

April 14, 2025

2 minute read

Fortinet Issues Fixes After Attackers Bypass Patches to Maintain Access

Hackers exploit Fortinet flaws to plant stealth backdoors on FortiGate devices, maintaining access even after patches. Update to…

byWaqas

April 14, 2025

Lab Breach Tied to Planned Parenthood Compromises 1.6M Records

3 minute read

Security

Data Breach at Planned Parenthood Lab Partner Exposes Info of 1.6M

Data breach at Laboratory Services Cooperative (LSC) exposed the sensitive health and personal information of 1.6 million individuals…

byDeeba Ahmed

April 14, 2025

2 minute read

Russia’s Storm-2372 Hits Orgs with MFA Bypass via Device Code Phishing

Russian APT group Storm-2372 employs device code phishing to bypass Multi-Factor Authentication (MFA). Targets include government, technology, finance,…

byDeeba Ahmed

April 11, 2025

2 minute read

npm Malware Targets Atomic and Exodus Wallets to Hijack Crypto Transfers

ReversingLabs reveals a malicious npm package targeting Atomic and Exodus wallets, silently hijacking crypto transfers via software patching.

byDeeba Ahmed

April 10, 2025

The Latest

2025’s Top OSINT Tools: A Fresh Take on Open-Source Intel

CISA Urges Action on Potential Oracle Cloud Credential Compromise

Researchers Find CVSS 10.0 Severity RCE Vulnerability in Erlang/OTP SSH

Cyber Attack

CISA Urges Action on Potential Oracle Cloud Credential Compromise

Hertz Confirms Data Breach After Hackers Stole Customer PII

4chan Breached? Hacker from Rival Soyjak Forum Claims Source Code Leak

Fake PDFCandy File Converter Websites Spread Malware

Pre-Installed Malware on Cheap Android Phones Steals Crypto via Fake WhatsApp

Fortinet Issues Fixes After Attackers Bypass Patches to Maintain Access

Data Breach at Planned Parenthood Lab Partner Exposes Info of 1.6M

Russia’s Storm-2372 Hits Orgs with MFA Bypass via Device Code Phishing

npm Malware Targets Atomic and Exodus Wallets to Hijack Crypto Transfers

SquareX to Uncover Data Splicing Attacks at BSides San Francisco, A Major DLP Flaw that Compromises Data Security of Millions

Gcore Super Transit Brings Advanced DDoS Protection and Acceleration for Superior Enterprise Security and Speed

SpyCloud Research Shows that Endpoint Detection and Antivirus Solutions Miss Two-Thirds (66%) of Malware Infections

Secure Ideas Achieves CREST Accreditation and CMMC Level 1 Compliance