Attack & News

Latest cybersecurity news, threat reports, and attack campaigns

All Feeds Attack & News Gov Alerts / ISAC Vulnerability Alerts Privacy & Governance Fraud & Scams

518 articles

PCPJack Hijacks 230 AWS, Google Cloud, and Azure Servers for Covert SMTP Relay Network

The threat actor known as PCPJack has hijacked cloud servers associated with Amazon Web Services (AWS), Google Cloud, and Microsof…

NEWSThe Register6 days ago

Pink is the latest goon squad to use fake helpdesk calls to steal creds

A familiar tactic popularized by chaotic crime crew Lapsus$

NEWSCyberScoop6 days ago

Hill Dems hammer GOP for $250M CISA budget cut

A House Appropriations subcommittee is set to mark up fiscal 2027 DHS funding legislation Friday. The post Hill Dems hammer GOP fo…

NEWSThe Register6 days ago

OpenAI's agent chained decade-old DoS attacks to crash web servers in seconds

Codex drops an HTTP/2 Bomb

NEWSCyberScoop6 days ago

Your AI agent could become your biggest insider threat

New research details how the increasing integration of AI agents into businesses is making it easier than ever for insiders - mali…

NEWSSecurity Magazine6 days ago

7 Data Security Stories to Know About (May 2026)

Security magazine takes a look at 7 data security stories from this month.

NEWSWired Security6 days ago

Meta Silently Added Face-Recognition Code for Its Smart Glasses to Millions of Phones

Code reviewed by WIRED uncovered an unreleased face-recognition system embedded in Meta’s smart glasses platform. It’s designed to…

NEWShighThe Hacker News6 days ago

Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public

Cisco has patched a bug in Unified Communications Manager that lets an unauthenticated attacker on the network write files to the…

NEWShighInfosecurity Magazine6 days ago

Everest Forms Pro Vulnerability Allows Remote Code Execution on WordPress Sites

Critical Everest Forms Pro RCE flaw exploited to create rogue WordPress admin accounts

NEWSSecurity Magazine6 days ago

Security Experts Discuss Threats to FIFA World Cup 2026

This year’s World Cup presents an attractive opportunity for cybercriminals.

NEWSThe Hacker News6 days ago

Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories

A security researcher found a flaw in Anthropic's Claude Code GitHub Action that let an attacker take over vulnerable public repos…

NEWSThe Hacker News6 days ago

Agentic AI Is Transforming Defense, But Only Secure IT Infrastructure Will Maximize It

Over the past several weeks, the cybersecurity community has been reminded how quickly frontier and agentic AI in defense networks…

NEWSCyberScoop6 days ago

Inside the race to adapt to an AI-powered security world

AI is breaking things faster than anyone can fix them. Security leaders across the industry are racing to figure out what comes ne…

NEWShighThe Hacker News6 days ago

ThreatsDay Bulletin: AI Agents Gone Wrong, Sketchy C2 Tools, ClickFix Tricks, JS Backdoors & 20+ New Stories

It got stupid again. The internet still feels held together with tape. Bad plugins, old bugs, fake tools, trusted apps doing shad…

NEWShighInfosecurity Magazine6 days ago

Infosecurity Europe: AI Adoption Creates New Opportunities for Attackers to Distribute Malware, Microsoft Warns

Microsoft Detection and Response Team (DART) details how it has uncovered malicious AI applications as cyber criminals manipulate…

NEWSInfosecurity Magazine6 days ago

Chinese-Speaking Actor TA4922 Widens Its Global Reach

Newly named Chinese-speaking actor TA4922 expands from East Asia into Europe and Africa

NEWShighInfosecurity Magazine7 days ago

Infosecurity Europe: Mythos Outperforms GPT5.5 on Google Chrome Vulnerability Exploits, Says New Benchmark

A Bugcrowd researcher has unveiled ExploitBench, an independent benchmark of AI models for vulnerability exploitation

NEWSInfosecurity Magazine7 days ago

Infosecurity Europe: How Proton Fights Against Cybercriminals Using Its Services

Proton uses machine learning models to detect abuse of its services – especially email addresses used by cybercriminals

NEWShighThe Hacker News7 days ago

China-Linked TA4922 Expands Phishing Attacks to U.K., Germany, Italy, and South Africa

A new China-linked cybercrime group known as TA4922 has expanded its targeting focus to target European organizations in the U.K.,…

NEWSThe Register7 days ago

Five Eyes: Watch out for odd LinkedIn connection requests, China's back on the hunt for state secrets

Cash-for-intel tradecraft continues to concern intelligence officials years after it was first spotted

NEWShighThe Hacker News7 days ago

FlutterShell Backdoor Spreads to macOS via Malicious Google and YouTube Ads

Cybersecurity researchers have shed light on a macOS malvertising campaign codenamed Operation FlutterBridge that spreads a new ba…

NEWSThe Register7 days ago

Duo who sold car crash victims' data must repay £118k

Fresh penalties secured after initial prison, community service sentences for RAC double act

NEWShighThe Hacker News7 days ago

Fake Sites Mimicking Open-Source Tools Rank High on Google to Deliver Malware via TDS

Cybersecurity researchers have flagged a large-scale operation that impersonates open-source and freeware projects to funnel unsus…

NEWShighThe Hacker News7 days ago

Hackers Spied on a Stock Exchange Executive's Outlook Mailbox for Five Months

Unknown attackers spent at least five months inside the Outlook mailbox of a senior executive at a major global stock exchange, co…

NEWSInfosecurity Magazine7 days ago

Infosecurity Europe: How Businesses Can Prepare for a Cybersecurity Crisis with Effective Plans

Cybersecurity and business leaders with experience of dealing with major incidents from within the NCSC and at JLR detail what you…

NEWSInfosecurity Magazine7 days ago

Infosecurity Europe: Ukraine’s Experience Highlights the Need for Preparation and Resilience in Cybersecurity

Former Ukrainian foreign minister, Dmytro Kuleba, urges Infosecurity Europe attendees to fight the good fight

NEWSInfosecurity Magazine7 days ago

Infosecurity Europe: Raise Security Concerns with Procurement Now, Because Quantum Can’t Wait

Forescout VP of security intelligence, Rik Ferguson, warns that Q-day is fast approaching

NEWScriticalThe Register7 days ago

Nobody needs Mythos or 0-days to build a chaos-causing computer worm – free open source models work just fine

'Attackers can now cheaply operationalize known vulnerabilities at scale,' boffins tell The Reg

NEWSThe Hacker News7 days ago

DoJ Disrupts Southeast Asia Crypto Fraud Networks, Freezes $3.8 Million in Assets

The U.S. Department of Justice (DoJ) on Wednesday announced the results of a sweeping action undertaken by government authorities…

NEWSThe Register7 days ago

All the passwords were stored in Active Directory description fields

It was far too easy for a hacker to get the information