Real-time threat intelligence from trusted sources
BleepingComputer
Cloudflare is experiencing outages, causing numerous websites to display a 500 Internal Server Error. The company is currently investigating the issue, which is impacting a wide range of online services and platforms.
The UK's National Cyber Security Center (NCSC) has launched a new service called Proactive Notifications aimed at alerting organizations about vulnerabilities in their systems. This initiative is crucial for enhancing cybersecurity awareness and proactive defense strategies among organizations in the UK.
CyberScoop
The article highlights an ongoing espionage threat from China, utilizing Brickstorm malware that has affected numerous organizations over the past three years. The average duration of these attacks is reported to be 393 days, indicating a significant and persistent threat landscape.
Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More
Qilin ransomware has claimed responsibility for stealing internal data from the Church of Scientology, providing 22 screenshots as evidence of the breach. The Church has not confirmed the incident, highlighting the ongoing concerns regarding ransomware attacks and data security within organizations.
The article discusses newly published guidance from global cybersecurity agencies on the safe deployment of artificial intelligence in operational technology (OT), which is essential for critical infrastructure. This guidance aims to address potential security risks associated with AI in OT environments.
Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More
The LummaC2 infostealer has infected a device used by North Korean hackers, revealing connections to the $1.4 billion Bybit heist. This incident highlights significant operational security failures and exposes the tools and infrastructure utilized by these cybercriminals.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding a new malware threat named BrickStorm, which is being used by Chinese hackers to backdoor VMware vSphere servers. This poses a significant risk to organizations using these servers, as it could lead to unauthorized access and potential data breaches.
Two Virginia brothers have been charged with conspiring to steal sensitive information and wipe government databases after being terminated from their roles as federal contractors. This incident raises concerns about insider threats and the potential for significant data loss in government systems.
Infosecurity Magazine
Cybersecurity agencies have released guidance aimed at ensuring the secure integration of artificial intelligence into operational technology (OT) systems. This guidance highlights the importance of addressing potential vulnerabilities and threats associated with AI in critical infrastructure.
Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More
Cloudflare's Q3 2025 DDoS Threat Report highlights the unprecedented scale of a DDoS attack launched by the Aisuru botnet, reaching 29.7 Tbps. This surge in attacks indicates a growing threat landscape, particularly affecting critical sectors and emphasizing the need for enhanced cybersecurity measures.
ASUS has confirmed a data breach caused by a third-party vendor, with the Everest ransomware group claiming to have leaked sensitive data from ASUS, ArcSoft, and Qualcomm. The breach involved exposure of some phone camera source code but did not impact internal systems or products.
The article discusses a critical vulnerability known as 'React2Shell' in the React Server Components (RSC) 'Flight' protocol, which allows remote code execution without authentication in React and Next.js applications. This severe flaw poses significant risks to developers and organizations using these frameworks, as it could lead to unauthorized access and control over servers.
The article discusses the vulnerabilities in operational technology (OT) environments due to weak password policies, highlighting that aging systems and shared accounts can lead to significant cyber threats. It emphasizes the importance of implementing stronger password policies and continuous monitoring for compromised credentials to enhance the security of critical OT infrastructure.
Global cyber agencies have released a 25-page document outlining four key principles for the secure integration of artificial intelligence with operational technology in critical infrastructure. This guidance aims to enhance security measures and mitigate potential risks associated with AI deployment in vital systems.
Freedom Mobile has reported a data breach where hackers accessed and stole customers' personal information from its account management platform. This incident raises concerns about the security of customer data and the potential implications for affected individuals.