wolfSSL Vulnerability Hits IoT, Routers and Military Systems, Update Now! Critical wolfSSL flaw CVE-2026-5194 allows digital ID forgery across billions of devices, update to version 5.9.1 to fix the issue and reduce risk.

Critical wolfSSL flaw (CVE-2026-5194) allows digital ID forgery across billions of devices. Update to version 5.9.1 to fix the issue and reduce risk

Read: hackread.com/wolfssl-vuln...

#CyberSecurity #Vulnerability #wolfSSL #IoT

Kraken Exchange Faces Extortion After Insider Recorded System Footage Kraken exchange faces extortion after a staff member misused access to record internal systems, about 2,000 accounts affected, no funds or systems breached.

The US-based Kraken crypto exchange is facing extortion demands after an insider, a staff member, misused their access to record internet systems.

Read: hackread.com/kraken-excha...

#CyberSecurity #Crypto #CyberCrime #Kraken #Extortion

Booking.com Confirms Data Breach as Hackers Access Customer Details Booking.com confirms a data breach exposing customer details to hackers. No payment data accessed, but users face risk of targeted phishing scams now!

Another day, another data breach: #Booking.com confirms a data breach after hackers accessed customer details, including names, emails, and booking info.

Read: hackread.com/booking-com-...

#BookingCom #DataBreach #CyberSecurity #Phishing

Ransomware-Linked ViperTunnel Malware Hits UK and US Businesses ViperTunnel is a Python-based backdoor linked to DragonForce ransomware that targets businesses using Windows servers across the US and the UK.

📢⚠️ #ViperTunnel is a Python-based backdoor linked to DragonForce ransomware that targets businesses using Windows servers in the US and the UK.

Read: hackread.com/ransomware-v...

#CyberSecurity #Malware #DragonForce #Ransomware

OpenAI Rotates macOS Certificates Following Axios Supply Chain Breach OpenAI rotates macOS certificates after downloading a compromised Axios version, urging users to update apps before revoked certificates are blocked in May 2026.

OpenAI rotates macOS certificates after downloading a compromised Axios version, urging users to update apps before revoked certificates are blocked in May 2026.

Read: hackread.com/openai-macos...

#OpenAI #Axios #macOS #DatBreach

BITTER APT Uses Signal, Google, and Zoom Lures to Spread ProSpy Spyware BITTER APT spreads ProSpy and ToSpy via Signal, Google, and Zoom lures, targeting journalists through LinkedIn and iMessage spearphishing.

Watch out, as in an ongoing campaign, BITTER APT is spreading ProSpy and ToSpy spyware via Signal, Google, and Zoom lures to target journalists through LinkedIn and iMessages.

Read: hackread.com/bitter-apt-s...

#CyberSecurity #LinkedIn #iMessage #Spyware #BitterAPT

OpenSSF Flags Malware Campaign on Slack Posing as Linux Foundation Figures OpenSSF warns hackers impersonate Linux Foundation leaders on Slack, tricking developers into installing malware that can compromise entire systems.

#OpenSSF warns of hackers impersonating Linux Foundation leaders on Slack, tricking developers into installing malware that can compromise entire systems.

Read: hackread.com/openssf-malw...

#CyberSecurity #Malware #LinuxFoundation #Scam

Alleged German DDoS-for-Hire Kingpin Behind Fluxstress Caught in Thailand Alleged German cybercrime figure behind Fluxstress and Neldowner arrested in Thailand after years running global DDoS-for-hire services across countries.

Alleged German cybercrime figure Noah Christopher has been arrested in Thailand after years running global DDoS-for-hire services, including Fluxstress and Neldowner, worldwide.

Read: hackread.com/german-ddos-...

#CyberCrime #CyberSecurity #DDoS #Fluxstress #Neldowner

Hacker Used Claude Code, GPT-4.1 to Exfiltrate Hundreds of Millions of Mexican Records A lone hacker used Claude Code and GPT-4.1 to exfiltrate hundreds of millions of Mexican citizen records from 9 government agencies.

A lone hacker exploited #ClaudeCode and GPT-4.1 to exfiltrate hundreds of millions of Mexican citizens' records from 9 government agencies.

Read: hackread.com/hacker-claud...

#CyberSecurity #CyberCrime #DataBreach #Mexico #AI #GPT4

FBI Atlanta and Indonesian National Police Take Down W3LLSTORE Phishing Market FBI Atlanta and Indonesian National Police dismantle W3LLSTORE phishing market linked to $20M fraud, seizing domains and detaining developer.

FBI Atlanta and Indonesian police have seized and taken down #W3LLSTORE, a notorious phishing marketplace linked to $20 million in fraud, seizing domains and detaining the developer.

Read: hackread.com/fbi-atlanta-...

#Cybersecurity #Phishing #CyberCrime #FBI #Fraud #Indonesia

FBI Recovers Deleted Signal Messages Through iPhone Notifications Signal messages may persist in iPhone notification data, enabling FBI access even after deletion, a court case reveals. Here's how to disable this!

The FBI recovered deleted Signal messages from an iPhone even after the app was removed. Here’s how to change your notification settings to keep chats private.

Read: hackread.com/fbi-recover-...

#CyberSecurity #Privacy #Single #FBI #Cellebrite #iPhone

Google Chrome Update Disrupts Infostealer Cookie Theft Google adds Device Bound Session Credentials (DBSC) to Chrome 146, using hardware keys to block infostealer use of stolen session cookies on Windows.

📢⚠️⛔ Google Chrome rolled out an update that disrupts infostealer attacks by making stolen session cookies useless.

Read: hackread.com/google-chrom...

#Cybersecurity #Infostealer #Malware #Chrome #Google

📢⚠️ Just In: ShinyHunters claims access to Rockstar Games Snowflake data via #Anodot breach, threatening a data leak on April 14 if ransom demands are not met.

Read: hackread.com/shinyhunters...

#CyberSecurity #DataBreach #ShinyHunters #RockstarGames #Snowflake

Android Banking Trojan Linked to Cambodia Scam Compounds Hits 21 Countries Android banking trojan linked to Cambodia scam compounds targets users in 21 countries, using fake apps to and steal funds from victims.

An Android banking trojan linked to #Cambodia scam compounds in K99 Triumph City is targeting users in 21 countries through fake apps, with researchers speaking directly to people held inside these operations.

Read: hackread.com/android-bank...

#CyberSecurity #Android #Malware #CyberCrime

GraphAlgo Scam: Lazarus Hackers Register Real US LLCs to Spread Malware Lazarus hackers revive the GraphAlgo scam, registering real US LLCs to trick crypto developers into running malware via fake job tests.

#Graphalgo Scam: North Korean Lazarus hackers are using fake Florida LLCs, mimicking SWFT Blockchain, and using #GitHub typosquatting to target developers with malware.

Read: hackread.com/graphalgo-sc...

#CyberSecurity #NorthKorea #Lazarus #Blockchain #Scam

#UNC6783 extortionist hackers impersonate support staff, using fake Okta login pages and social engineering to access corporate systems and steal sensitive data, #Google warns.

Read: hackread.com/unc6783-hack...

#CyberSecurity #CyberCrime #Okta #Extortion #Scam

Adobe Reader Zero-Day Exploited to Steal Data via Malicious PDFs An Adobe Reader zero-day vulnerability is being actively exploited via malicious PDFs, allowing hackers to steal data without user interaction, with no patch available.

An #AdobeReader zero-day vulnerability is being actively exploited via malicious PDFs, allowing hackers to steal data without user interaction, with no patch available.

Read: hackread.com/adobe-reader...

#CyberSecurity #Adobe #Vulnerability #0day #PDF

Claude Code overview - Claude Code Docs Claude Code is an agentic coding tool that reads your codebase, edits files, runs commands, and integrates with your development tools. Available in your terminal, IDE, desktop app, and browser.

LayerX says it received no clear response after it flagged a serious #ClaudeCode flaw to Anthropic that bypasses safety rules, letting attackers run SQL injection and steal credentials using simple instructions.

Read: hackread.com/claude-code-...

#CyberSecurity #Claude #Anthropic #AI #LayerX

Watch out as new macOS Malware #notnullOSX targets crypto wallets over $10K, using fake apps, Terminal tricks, and backdoors to steal funds and sensitive data.

Read: hackread.com/macos-malwar...

#CyberSecurity #macOS #Malware #Crypto

Operation Masquerade: FBI Disrupts Russian Router Hacking Campaign Operation Masquerade: The FBI and DoJ disrupted a Russian GRU campaign that hijacked routers via DNS attacks to spy on users and steal credentials.

📢 #OperationMasquerade: The FBI and DoJ have disrupted a Russian GRU campaign that hijacked routers via DNS attacks to spy on users and steal credentials.

Read: hackread.com/operation-ma...

#CyberSecurity #Russia #USA #IoT #Router #FBI #DNS

Storm-1175 Deploys Medusa Ransomware Within 24 Hours of Vulnerability Disclosure Storm-1175 launches Medusa ransomware attacks on healthcare and education in the UK, US, and Australia, exploiting flaws within 24 hours fast.

📢 Storm-1175 hackers are launching high-speed Medusa ransomware attacks against healthcare and education sectors in the UK, US, and Australia by exploiting security flaws in as little as 24 hours.

Read: hackread.com/storm-1175-h...

#CyberSecurity #Vulnerability #Storm1175 #Medusa #Ransomware

Russian Forest Blizzard Hackers Hijack Home Routers for Global Spying Microsoft Threat Intelligence reveals how Russian hacking group Forest Blizzard uses home routers for DNS hijacking and spying.

📢 Russian-linked #ForestBlizzard hackers hijack home routers for global surveillance, as Microsoft warns that thousands of devices are compromised to intercept traffic and sensitive data.

Read: hackread.com/russian-fore...

#CyberSecurity #Hacking #Russia #FancyBear #Routers

New ClickFix Attack Uses Node.js Malware via Tor to Steal Crypto Netskope Threat Labs report a new ClickFix attack using fake CAPTCHAs to deploy Tor-backed NodeJS malware and drain crypto wallets on Windows.

That “I’m not a robot” click could drain your crypto. A new ClickFix attack uses #Node.js malware and Tor to quietly take over Windows systems and steal wallets, all triggered by a fake CAPTCHA.

Read: hackread.com/clickfix-att...

#CyberSecurity #Crypto #Malware #ClickFix #Windows #Tor

Hackers Pose as Non-Profit Developers to Deploy Monero Mining Malware REF1695 hackers spread Monero mining malware via fake non-profit installers, using stealth tactics to evade detection and hijack systems for profit.

REF1695 hackers have been spreading #Monero mining malware for months via fake non-profit installers, using stealth tactics to evade detection and hijack systems for profit.

Read: hackread.com/hackers-non-...

#CyberSecurity #REF1695 #Crypto #Cryptomining #Malware

GrafanaGhost Vulnerability Allows Data Theft via AI Injection GrafanaGhost is a critical vulnerability in Grafana’s AI components that uses indirect prompt injection and protocol-relative URL bypasses to exfiltrate data.

Cybersecurity researchers uncover “#GrafanaGhost,” a critical flaw in Grafana that lets attackers silently steal sensitive data using AI prompt injection and URL bypass tricks, no clicks required.

Read: hackread.com/grafanaghost...

#CyberSecurity #Grafana #Vulnerability #AI

#AI agents are being handed access to sensitive systems, but security hasn’t kept up. Study shows:

• 46% of firms grant AI tools access to critical data

• 76% lack proper governance for these identities

• Only 28% have full visibility into non-human identities

Read: hackread.com/ai-agents-no...

Missile Alert Phishing Exploits Iran-US-Israel Conflict for Microsoft Logins New Phishing scam uses fake missile alerts and the ongoing conflict involving Iran to target users with QR codes and fake government emails to steal Microsoft passwords.

Watch out as hackers are exploiting the Iran-US-Israel conflict by sending fake missile alert emails and QR codes to push victims to steal Microsoft credentials.

Read: hackread.com/missile-aler...

#CyberSecurity #Phishing #Scam #Iran #Israel #Microsoft

6 months without any red flags.

Cloudflare Targets WordPress With New AI-Powered EmDash CMS Cloudflare launches EmDash CMS, an AI-powered platform built to fix WordPress security flaws with sandboxed plugins, serverless scaling and passkey auth.

Cloudflare takes on WordPress with #EmDash CMS, AI features, sandboxed plugins, and serverless hosting built around security.

Read: hackread.com/cloudflare-w...

#CyberSecurity #Cloudflare #CMS #AI #WordPress

North Korean Hackers Pose as Trading Firm to Steal $285M from Drift North Korean hackers (UNC4736) posed as a trading firm for six months to infiltrate Drift Protocol, using social engineering tactics to steal $285M without suspicion.

North Korean hackers (UNC4736) posed as a trading firm for six months to infiltrate Drift Protocol, using social engineering tactics to steal $285 million without suspicion.

Read: hackread.com/north-korean...

#CyberSecurity #CyberCrime #Drift #Crypto #NorthKorea