hackread

Anubis Ransomware Lists Disneyland Paris as New Victim

Anubis, a ransomware-as-a-service (RaaS) group that emerged in December 2024, has claimed responsibility for a significant data breach involving Disneyland Paris. The group alleges it exfiltrated 64GB of sensitive data.

New Mocha Manakin Malware Deploys NodeInitRAT via Clickfix Attack

A newly identified cyber threat, Mocha Manakin, leverages social engineering and a custom NodeJS-based backdoor named NodeInitRAT to compromise systems. This threat uses deceptive paste-and-run tactics to bypass security controls and deliver malware.

NICKNAME: Zero-Click iMessage Exploit Targeted Key Figures in US, EU

A critical zero-click vulnerability in Apple’s iMessage service, dubbed NICKNAME, has been discovered and exploited in targeted attacks against high-value individuals in the US and EU.

Over 20 Malicious Apps on Google Play Target Users for Seed Phrases

A coordinated phishing campaign has been discovered on the Google Play Store, involving over 20 malicious Android applications impersonating popular cryptocurrency wallets. These apps are designed to steal users’ 12-word mnemonic phrases.

Unsecured Database Exposes Data of 3.6 Million Passion.io Creators

A massive data breach has exposed the personal and financial information of over 3.6 million users of an app-building platform, Passion[.]io. The exposed database contained 12.2 terabytes of unencrypted and publicly accessible data.

Hackers Leak 86 Million AT&T Records with Decrypted SSNs

The data, reportedly stolen by the ShinyHunters group, includes decrypted Social Security Numbers (SSNs), full names, addresses, dates of birth, and other sensitive personal information.

Code Bug at Compliance Firm Vanta Leaks Customer Data to Other Clients

Vanta has started informing affected customers that their employee account data was incorrectly inserted into their Vanta instance and out of it into other customers’ instances.

Threat Actor Claims TikTok Breach, Puts 428 Million Records Up for Sale

A newly emerged threat actor, “Often9,” has claimed to possess a dataset containing 428 million unique TikTok user records. The data is allegedly being sold on a prominent cybercrime forum and includes sensitive, non-public user information.

Microsoft Entra Design Lets Guest Users Gain Azure Control, Researchers Say

Guest users can gain full control over Azure subscriptions within a host tenant, enabling them to disable security monitoring, create persistent backdoors, and manipulate device trust settings.

SilverRAT Remote Access Trojan Source Code Leaked on GitHub

The full source code of SilverRAT was briefly leaked on GitHub under the repository “SilverRAT-FULL-Source-Code” before being swiftly removed. The leak included complete build instructions, Visual Studio solution files, and a README

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Trending Tags