Security
Headlines
HeadlinesLatestCVEs

Source

HackRead

North Korea’s ScarCruft Targets Academics With RokRAT Malware

A new report reveals North Korea-linked ScarCruft is using RokRAT malware to target academics in a phishing campaign.…

HackRead
Open in Source
#google#backdoor#pdf
Amazon Disrupts Russian APT29 Watering Hole Targeting Microsoft Authentication

Amazon has disrupted a Russian APT29 watering hole campaign that used compromised sites to target Microsoft authentication with…

Feds Seize VerifTools.Net, Operators Relaunch with VerifTools.com

Authorities in the United States and the Netherlands have seized VerifTools, a marketplace selling fake IDs for cybercrime.…

WhatsApp 0-Day Exploited in Attacks on Targeted iOS and macOS Users

WhatsApp has patched a critical 0-day (CVE-2025-55177) that allowed zero-click spyware attacks on iOS and Mac users. The…

Hackers Exploit CrushFTP Zero-Day to Take Over Servers

WatchTowr Labs uncovers a zero-day exploit (CVE-2025-54309) in CrushFTP. The vulnerability lets hackers gain admin access via the…

8 Malicious NPM Packages Stole Chrome User Data on Windows

JFrog researchers found eight malicious NPM packages using 70 layers of obfuscation to steal data from Chrome browser…

Dexter: Resurrection Finale Leaks Online in Russian Dub

Dexter: Resurrection finale leaks in Russian dub ahead of release. Episodes 9 and 10 surface online, echoing past…

Fake Facebook Ads Push Brokewell Spyware to Android Users

A Facebook malvertising campaign is spreading the Brokewell spyware to Android users via fake TradingView ads. The malware…

TransUnion Data Breach: 4.4 Million US Consumers’ Data Stolen

A TransUnion data breach exposed 4.4 million US consumers’ Social Security numbers via a Salesforce hack. The attack…

CISA Adds Citrix and Git Flaws to KEV Catalogue Amid Active Exploitation

CISA has added three actively exploited vulnerabilities in Citrix and Git to its KEV Catalogue. Federal agencies must…