The cybercriminal group known as Silver Fox has recently shifted its focus to Indian users, employing income tax-themed phishing emails to spread a remote access trojan called ValleyRAT. This malware is designed to give attackers remote control over infected systems. Researchers from CloudSEK, Prajwal Awasthi and Koushik Pal, noted that the attack utilizes a sophisticated method involving DLL hijacking to ensure the malware remains persistent on the target devices. Users in India should be particularly cautious of emails related to taxes, as they are being used as bait to deliver this malicious software. The rise in such targeted phishing campaigns emphasizes the need for increased awareness and cybersecurity measures among individuals and organizations.
Condé Nast has reported a significant data breach involving the personal information of 2.3 million subscribers from WIRED.com. The hacker, known as 'Lovely', posted the leaked data on December 20, 2025, on a hacking forum called Breach Stars. In addition to the WIRED records, the hacker claims to have access to data from up to 40 million more users associated with other Condé Nast brands. This breach raises serious concerns about the security of personal information held by major publishers and the potential for further exposure of sensitive data. Users affected by this incident may face risks such as identity theft and phishing attacks, emphasizing the need for vigilance in monitoring their accounts and personal information.
Hackread – Cybersecurity News, Data Breaches, AI, and More
Actively Exploited
A hacker known as 'Lovely' has leaked personal data from over 2.3 million Wired.com accounts, claiming to have access to a larger trove of data that includes 40 million user records from Condé Nast, the parent company of Wired. This breach raises significant concerns for users who may have had their sensitive information exposed, including email addresses and potentially other personal details. The hacker shared the leaked data on a dark web forum, which poses serious risks for identity theft and phishing attacks. Companies like Condé Nast must take immediate action to investigate the claims and ensure the security of their systems to protect users. The incident serves as a reminder of the ongoing vulnerabilities that exist in the digital landscape and the need for robust security measures.
Users of the Trust Wallet Chrome extension have reported significant cryptocurrency losses after a malicious update was released on December 24. This compromised update allowed attackers to drain wallets, leading to millions in losses for affected individuals. In conjunction with this incident, researchers discovered a phishing domain set up by the hackers, further indicating a coordinated effort to exploit Trust Wallet users. The company has responded urgently, advising users to take precautions and remain vigilant to avoid further losses. This incident serves as a stark reminder of the risks associated with browser extensions and the importance of ensuring that software updates are legitimate and secure.
The Clop ransomware group has claimed responsibility for a significant data breach at the University of Phoenix, affecting approximately 3.5 million people. The breach reportedly exposed sensitive information, although the exact nature of the data compromised has not been detailed. This incident raises serious concerns about the security measures in place at educational institutions and the potential for misuse of the stolen data. Individuals affected by the breach may face risks such as identity theft or phishing attempts. As the investigation continues, it underscores the need for stronger cybersecurity protocols to protect personal information in higher education settings.
In 2025, ransomware attacks have shown a significant increase, with various industries facing heightened risks. The report outlines key statistics that reveal the evolving tactics used by attackers, including targeted assaults on critical infrastructure and healthcare systems. Companies are increasingly vulnerable as ransomware groups adapt, often deploying double extortion techniques that not only encrypt data but also threaten to leak sensitive information if ransoms are not paid. This trend poses serious implications for businesses, as the financial and reputational damage from such attacks can be substantial. Organizations are urged to bolster their cybersecurity measures and educate employees about phishing and other attack vectors to mitigate these risks.
Nissan has confirmed that the personal information of approximately 21,000 customers was compromised due to a data breach involving Red Hat's GitLab instances. Hackers gained unauthorized access to sensitive data, raising concerns about the security of customer information in the automotive industry. This incident emphasizes the ripple effects that breaches at major technology providers can have on their clients. The stolen data could potentially be used for identity theft or phishing attacks, putting affected customers at risk. Companies like Nissan must prioritize robust cybersecurity measures to protect customer data and maintain trust.
Federal authorities have seized a password database linked to a large-scale bank account takeover scheme that targeted $28 million in funds. The attackers used phishing techniques to compromise bank accounts, putting numerous individuals and financial institutions at risk. This operation illustrates the ongoing threat posed by cybercriminals who exploit user credentials to access sensitive financial information. The seizure of the password database is a significant step in disrupting these criminal activities and protecting potential victims from further financial loss. As phishing remains a prevalent tactic, users must remain vigilant and practice safe online behaviors to safeguard their accounts.
Nissan has reported that a data breach at Red Hat has compromised the personal information of thousands of its customers. The breach, which occurred in September, has raised concerns about the security of customer data, as it highlights vulnerabilities in third-party services that companies rely on. Nissan has not specified the exact nature of the compromised information, but the incident emphasizes the risks associated with data sharing among businesses. Customers are urged to monitor their accounts for any suspicious activity and to remain vigilant about potential phishing attempts that could arise from the breach. This incident serves as a reminder for companies to assess their security measures and the safeguards in place for customer data.
Fortra has identified a highly active business email compromise (BEC) group known as 'Scripted Sparrow', which is operating across three continents and at least five countries. This group is responsible for sending millions of fraudulent emails each month, targeting businesses and individuals to steal sensitive information and money. The scale of their operations poses a significant risk to organizations globally, as these types of scams can lead to substantial financial losses. Companies need to remain vigilant and implement strong email security measures to protect against this growing threat. Awareness and training for employees on recognizing phishing attempts are also crucial in combating such schemes.
A recent report from Proofpoint reveals a rise in phishing attacks that take advantage of Microsoft's OAuth device code flow. These campaigns target Microsoft 365 users, tricking them into providing access to their accounts through fake sign-in prompts. The attacks exploit the trust users place in the OAuth process, which is designed to facilitate secure authentication. As a result, individuals and organizations using Microsoft 365 could be at risk of unauthorized access to sensitive information. This surge in phishing attempts underscores the need for heightened awareness and vigilance among users to avoid falling victim to these scams.
In October 2025, Kaspersky reported a new wave of phishing attacks linked to a group known as Operation ForumTroll, specifically targeting Russian scholars. These attackers are using fake emails that appear to come from a legitimate eLibrary service to lure victims into providing sensitive information. This shift from targeting organizations in the spring to focusing on individuals in the fall raises concerns about the attackers' evolving strategies. The origins of the threat actor remain unclear, but the targeted approach suggests a calculated effort to exploit the academic community. Such incidents can lead to significant data breaches and have serious implications for both personal and institutional security.
Hackread – Cybersecurity News, Data Breaches, AI, and More
Actively Exploited
A hacking group known as ShinyHunters has reportedly stolen 94GB of data from former Pornhub Premium users, which includes their watch histories. This breach is part of an extortion campaign aimed at these users, raising significant privacy concerns. The attackers utilized a smishing attack, where they sent phishing messages via text to lure victims into revealing personal information. While the specifics of the breach are still being investigated, conflicting reports have emerged about the extent and security of the data involved. This incident underscores the ongoing risks associated with online platforms, particularly regarding user data security and the potential for exploitation by cybercriminals.
SoundCloud has confirmed that hackers accessed the personal information of approximately 20% of its user base. The breach raises concerns about the security of user data on the platform, as it affects a significant number of accounts. This incident could lead to potential misuse of the compromised information, such as phishing attacks or identity theft. Users are advised to change their passwords and monitor their accounts for any suspicious activity. SoundCloud's response to the breach will be crucial in restoring user trust and ensuring the security of their systems moving forward.
Phishing remains a common tactic for cyber attackers, making user training essential for defense. Researchers at the University of Bari conducted studies with 480 participants to evaluate the effectiveness of using AI-generated content for phishing awareness training. The results indicated that training using large language models (LLMs) improved participants' ability to identify suspicious emails. This suggests that integrating AI into training programs could enhance users' resilience against phishing attacks, which is crucial as these tactics continue to evolve. By equipping users with better training, organizations can potentially reduce their vulnerability to these types of cyber threats.