Author: Declan Murphy

The Medusa ransomware group has leaked 186.36 GB of compressed data it claimed to have stolen from Comcast Corporation, a global media and technology company. According to Hackread.com’s earlier report, the group said that it breached Comcast in late September 2025 and obtained a total of 834 GB of data. The leaked 186 GB archive, once decompressed, should amount to around 834 GB of data, based on the group’s claims. The data trove was released on Sunday, October 19. The ransomware group had initially asked for $1.2 million from potential buyers to download it, the…


Oct 23, 2025Ravie LakshmananCyber Espionage / Risk Intelligence Risk actors with ties to North Korea have been attributed to a brand new wave of assaults concentrating on European corporations energetic within the protection business as a part of a long-running marketing campaign referred to as Operation Dream Job. “A few of these [companies’ are heavily involved in the unmanned aerial vehicle (UAV) sector, suggesting that the operation may be linked to North Korea’s current efforts to scale up its drone program,” ESET security researchers Peter Kálnai and Alexis Rapin said in a report shared with The Hacker News. It’s assessed…


Cybersecurity researchers at Arctic Wolf Labs have uncovered a cunning new threat dubbed Caminho, a Brazilian Loader-as-a-Service (LaaS) that’s turning everyday images into Trojan horses for malware. Active since March 2025 and evolving quickly by June, this operation hides .NET payloads using Least Significant Bit (LSB) steganography inside files hosted on trusted sites like archive.org. The technique allows attackers to smuggle remote access tools and infostealers past defenses, targeting businesses across South America, Africa, and Eastern Europe. The attack kicks off with spear-phishing emails laced with social engineering bait, like fake invoices or urgent quotes, disguised as RAR or…


Third, AI summarizers can have their own technical countermeasures. For example, the AI security company CloudSEK recommends content sanitization to strip suspicious inputs, prompt filtering to detect meta-instructions and excessive repetition, context window balancing to weight repeated content less heavily, and user warnings showing content provenance. Broader defenses could draw from security and AI safety research: preprocessing content to detect dangerous patterns, consensus approaches requiring consistency thresholds, self-reflection techniques to detect manipulative content, and human oversight protocols for critical decisions. Meeting-specific systems could implement additional defenses: tagging inputs by provenance, weighting content…


In response to these challenges, the industry’s focus is now shifting from sheer scale to data quality and domain expertise. The once-dominant “scaling laws” era, when simply adding more data reliably improved models, is fading, paving the way for curated, expert-reviewed datasets. Consequently, companies increasingly discuss data quality metrics, annotation precision, and expert evaluation rather than just GPU budgets. The future isn’t about collecting more data; it’s about embedding expertise at scale. This shift represents a new competitive frontier and demands a fundamental rethinking of the entire data lifecycle. Rather than amassing billions…


A cyber-espionage group known as Bitter (APT-Q-37), widely thought to operate from South Asia, is using new, sneaky methods to install a malicious backdoor program on computers belonging to high-value targets. This group has a long history of stealing sensitive information from organisations, especially those in the government, electric power, and military industries in countries like China and Pakistan. The Qi’anxin Threat Intelligence Centre recently uncovered these new attacks, which aim to deploy a single C# backdoor that can remotely download and run other harmful software (EXE files) on the victim’s machine. Two New…


Oct 22, 2025Ravie LakshmananMalware / Cyber Espionage The Iranian nation-state group often called MuddyWater has been attributed to a brand new marketing campaign that has leveraged a compromised e mail account to distribute a backdoor referred to as Phoenix to numerous organizations throughout the Center East and North Africa (MENA) area, together with over 100 authorities entities. The tip aim of the marketing campaign is to infiltrate high-value targets and facilitate intelligence gathering, Singaporean cybersecurity firm Group-IB mentioned in a technical report printed as we speak. Greater than three-fourths of the marketing campaign’s targets embody embassies, diplomatic missions, international affairs…


Cybercriminals continue to evolve their email phishing arsenals, reviving legacy tactics while layering on advanced evasions to slip past automated filters and human scrutiny. In 2025, attackers are combining tried-and-true approaches, like password-protected attachments and calendar invites, with new twists such as QR codes, multi-stage verification chains, and live API integrations. These refinements not only prolong the attack lifecycle but also exploit gaps in scanning tools and users’ trust in seemingly legitimate security measures. Phishing emails bearing PDF attachments remain a staple of both mass and targeted campaigns. Rather than embedding clickable links directly, threat actors now favor QR codes inside PDFs. Recipients scan…


Cybercriminals have crippled the office IT of Nickelhütte Aue.

As Nickelhütte Aue states on its website, cybercriminals attacked its office IT and encrypted data. As a result, the IT systems are currently impaired, it says. A spokesperson told CSO that the affected data comes from the areas of HR, accounting, finance, and purchasing and sales.

Customer data possibly affected as well

“We cannot rule out that customer data was also exfiltrated,” the company spokesperson adds. Production, however, is not affected by the incident. “When the attack was discovered last Saturday (October 18), the managing director reacted very quickly and…


A group of state-sponsored (APT) actors, known as Salt Typhoon, remains a significant threat to networks across the globe, reveals the latest report from cybersecurity research firm Darktrace. According to the company’s analysis, shared with Hackread.com, the hackers, who are believed to be linked to the People’s Republic of China (PRC), are still finding new ways to breach critical infrastructure.

Salt Typhoon

Active since at least 2019, Salt Typhoon is an espionage group that targets essential services, including telecommunications providers, energy networks, and government systems, across over 80 countries. This group, also tracked under aliases like Earth Estries…
