Hackread.com

Hackers are using fake job interview apps to spread new #JobStealer malware across macOS and Windows systems, stealing crypto, browser credentials, and more disguising itself as a video meeting app.

Read more: https://hackread.com/fake-job-interview-jobstealer-malware-windows-macos/

#CyberSecurity #Malware #macOS #Windows #Crypto #Scam

📢⚠️ China-linked #FamousSparrow hacking group targeted an oil and gas firm in #Azerbaijan using the ProxyNotShell exploit chain alongside Deed RAT and Terndoor malware across three persistent attack waves.

Read: https://hackread.com/famoussparrow-oil-gas-ms-exchange-server-exploit/

#CyberSecurity #China #MSExchange #Malware #CyberAttack

📢⚠️ A new China-linked #TwillTyphoon hacking group is using fake Apple and Yahoo domains along with trusted #Windows tools to spy on organizations across Japan and the Asia-Pacific region.

Read: https://hackread.com/chinatwill-typhoon-fake-apple-yahoo-sites-espionage/

#CyberSecurity #CyberAttack #Apple #Yahoo #Malware

Research reveals that #TeamPCP hijacked OIDC tokens to poison hundreds of TanStack, Mistral AI, and UiPath packages with the self-propagating Mini Shai-Hulud worm.

Read: https://hackread.com/teampcp-mini-shai-hulud-worm-npm-pypi-packages/

#CyberSecurity #Malware #ShaiHulud #CyberAttack #npm

📢⚠️ Hackers are now using #AI to develop zero-day exploits, according to a new Google report. Researchers also uncovered AI-powered #Android backdoors, phishing scams and automated supply chain attacks targeting GitHub and PyPI.

Read: https://hackread.com/google-hackers-used-ai-develop-zero-day-exploit/

#Cybersecurity #Hacking #0Day #Malware #GitHub #PyPI

📢⚠️ Researchers revealed 20-year-old #PostgreSQL flaws at Wiz’s ZeroDay.Cloud hacking event, exposing critical pgcrypto vulnerabilities that could lead to code execution.

Read: https://hackread.com/wiz-zeroday-cloud-event-postgresql-vulnerabilities/

#CyberSecurity #Vulnerability #Wiz #ZeroDayCloud

📢⚠️ A critical cPanel vulnerability lets attackers bypass login and gain root access, with active exploitation reported before patches were released. Act now!

Read: https://hackread.com/cpanel-vulnerability-attacker-bypass-login-root-access/

#CyberSecurity #Vulnerability #cPanel #WHM #CyberAttack

A Cursor AI agent wiped #PocketOS’ production database and backups in just 9 seconds after misusing a root API token, exposing serious risks in AI-driven coding and cloud setups.

Read more: https://hackread.com/cursor-ai-agent-wipes-pocketos-database-backups/

#Cybersecurity #AI #DataLoss #CursorAI #Cursor #ClaudeOpus

📢⚠️ Cursor AI IDE hit by a high-severity flaw that lets attackers execute code via hidden Git hooks in cloned repos, no clicks needed. A routine dev action can trigger a full system compromise. Patch now.

Read: https://hackread.com/cursor-ai-ide-vulnerability-code-execution-git-hooks/

#Cybersecurity #AI #Vulnerability #Git #CursorAI

🚨 TeamPCP hijacks Bitwarden CLI in supply chain attack, abusing GitHub Dependabot to deploy Shai-Hulud malware and steal developer secrets, poison AI coding tools.

Read: https://hackread.com/teampcp-bitwarden-cli-dependabot-shai-hulud-malware/

#CyberSecurity #TeamPCP #Malware #Bitwarden #GitHub #Dependabot

📢⚠️ New #ZeroDayRAT malware is being sold on Telegram, targeting Android and iOS devices with real-time monitoring, location tracking, surveillance and crypto theft tools.

Read: https://hackread.com/zerodayrat-malware-monitoring-android-ios-devices/

#Cybersecurity #Malware #Android #iOS #MaaS #Spyware

#ScatteredSpider tricked Cognizant's helpdesk with fake calls, gaining admin access and crippling Clorox in a $380M ransomware attack. New analysis breaks down how it happened:

Read: https://hackread.com/how-scattered-spider-fake-calls-breach-clorox-cognizant/

#CyberSecurity #DataBreach #Clorox #Cognizant #Ransomware