Recent Posts
News•Feb 13, 2026
The $17 Billion Wake-Up Call: Securing Crypto in the Age of AI Scams
The 2026 Chainalysis report estimates crypto‑related scams cost $17 billion, driven by a 1,400% surge in impersonation attacks and a 456% jump in AI‑enabled fraud. Machine‑learning tools have turned scams into factory‑scale operations, making them 4.5 times more profitable than traditional schemes. Binance’s AI‑powered compliance stack, protecting 300 million users, reportedly averted $6.69 billion in fraud and earned ISO 42001 certification. The industry now faces a race where AI lowers the barrier for criminals while simultaneously raising the ceiling for defenders.
By HackRead
News•Feb 10, 2026
Best Tools for Test Data Management to Accelerate QA Teams in 2026
Test Data Management (TDM) tools are becoming essential for QA and DevOps teams as CI/CD pipelines demand rapid, compliant data provisioning. In 2026, vendors such as K2view, Delphix, Datprof, IBM Optim, Informatica, and Broadcom lead the market, each emphasizing self‑service,...
By HackRead
News•Feb 10, 2026
Most Engagement Data Is Compromised and That’s a Major Security Problem
Most digital engagement metrics are being polluted by bots, synthetic traffic, and identity spoofing, turning them from reliable signals into attack surfaces. Datavault AI is addressing this by building a verification‑first platform that authenticates human actions at the point of...
By HackRead
News•Feb 10, 2026
Pride Month Phishing Targets Employees via Trusted Email Services
Scammers have launched a Pride‑themed phishing campaign weeks before June, exploiting diversity messaging to steal employee credentials. The operation leverages compromised SendGrid accounts to send seemingly internal emails that either promise Pride branding or an opt‑out link, driving engagement regardless...
By HackRead
News•Feb 10, 2026
Navigating MiCA: A Practical Compliance Guide for European CASPs
The EU’s Markets in Crypto‑Assets Regulation (MiCA) replaces disparate national rules with a single, EU‑wide framework for Crypto‑Asset Service Providers (CASPs). It mandates incorporation in an EU member state, a national licence, and capital thresholds ranging from €50,000 to €150,000...
By HackRead
News•Feb 8, 2026
UK Construction Firm Hit by Prometei Botnet Hiding in Windows Server
A UK construction company discovered the Russian‑linked Prometei botnet hidden on its Windows Server in January 2026. The malware entered via weak RDP credentials, installed persistent services, and used Mimikatz to steal network passwords while mining Monero cryptocurrency. Researchers from eSentire’s...
By HackRead
News•Feb 5, 2026
Sanctioned Bulletproof Host Linked to Hijacking of Old Home Routers
Researchers at Infoblox uncovered a global DNS hijacking campaign that compromised outdated home routers in more than 30 countries. Attackers altered router DNS settings, redirecting traffic through servers owned by Aeza International, a U.S.-sanctioned Russian bulletproof hosting provider. The rerouted...
By HackRead
News•Feb 4, 2026
Chinese Mustang Panda Used Fake Diplomatic Briefings to Spy on Officials
Chinese‑linked hacking group Mustang Panda launched a covert espionage campaign in late 2025, distributing counterfeit US diplomatic briefings to government officials across Asia and Eastern Europe. The malicious PDFs triggered infection simply by being opened, deploying the PlugX DOPLUGS downloader...
By HackRead
News•Feb 4, 2026
MomentProof Deploys Patented Digital Asset Protection
MomentProof, Inc. has deployed its patented MomentProof Enterprise platform for AXA, enabling cryptographically sealed, AI‑resilient digital assets in the insurer's claims process. The technology certifies images, video, audio and metadata at capture, providing deterministic authenticity verification. AXA reports eliminated probabilistic...
By HackRead
News•Feb 4, 2026
One Identity Appoints Gihan Munasinghe as Chief Technology Officer
One Identity announced the appointment of Gihan Munasinghe as Chief Technology Officer. Munasinghe brings more than 15 years of experience leading global engineering organizations and modernising legacy platforms. He will steer the engineering team, accelerate the company’s SaaS delivery model...
By HackRead
News•Feb 3, 2026
Everest Ransomware Claims 90GB Data Theft Involving Legacy Polycom Systems
The Everest ransomware group alleges it stole roughly 90 GB of data from legacy Polycom engineering environments, which were acquired by HP in 2022 and now operate under the HP Poly brand. Screenshots released by the gang show file directories, source‑code trees...
By HackRead
News•Feb 2, 2026
Phishing Scam Uses Clean Emails and PDFs to Steal Dropbox Logins
A multi‑stage phishing campaign is targeting business users by sending clean‑looking procurement emails that contain PDFs with hidden clickable buttons. The PDFs exploit AcroForms and FlateDecode to redirect victims to a second file hosted on legitimate Vercel Blob storage, bypassing...
By HackRead
News•Jan 30, 2026
Arsink Spyware Posing as WhatsApp, YouTube, Instagram, TikTok Hits 143 Countries
Researchers at Zimperium’s zLabs have uncovered Arsink, an Android remote‑access trojan that masquerades as over 50 popular apps, including WhatsApp and TikTok. The campaign has infected roughly 45,000 devices in 143 countries, using Telegram, Discord and MediaFire links to distribute...
By HackRead
News•Jan 29, 2026
Common Cloud Migration Security Mistakes (and How to Avoid Them)
Enterprises rushing to the cloud often overlook security, leading to costly gaps. Common pitfalls include naïve lift‑and‑shift migrations, weak identity controls, and inadequate data protection. The article outlines ten frequent mistakes and provides concrete steps—such as workload‑by‑workload assessment, least‑privilege access,...
By HackRead
News•Jan 29, 2026
This Startup Aims to Solve Crypto’s Broken Key Management Problem
Sodot unveiled its Exchange API Vault, a self‑hosted solution that secures cryptocurrency exchange API keys while keeping them instantly available for trading. The vault combines multi‑party computation and trusted execution environments to split keys, preventing plaintext exposure even during high‑frequency...
By HackRead
News•Jan 28, 2026
Russian Cybercrime Platform RAMP Forum Seized by FBI
U.S. FBI seized the clearnet and dark‑web domains of the Russian‑language cybercrime forum RAMP, known for ransomware and access‑broker services. The operation, coordinated with the DOJ’s Computer Crime and Intellectual Property Section and the Southern District of Florida, redirected both...
By HackRead
News•Jan 28, 2026
GoTo Resolve Tool’s Background Activities Compared to Ransomware Tactics
Point Wild’s Lat61 Threat Intelligence team has identified the GoTo Resolve remote‑administration tool, specifically the HEURRemoteAdmin.GoToResolve.gen component, as a Potentially Unwanted Application that can install silently and maintain a hidden, persistent presence on Windows machines. The tool bundles a hidden “32000~”...
By HackRead
News•Jan 28, 2026
Best IT Managed Services for Large Enterprises
Large enterprises are shifting IT from a support function to a strategic growth engine, and the article outlines the criteria that define the best managed services for this scale. It highlights five enterprise‑tier attributes—strategic partnership, transparent governance, proactive operations, comprehensive...
By HackRead
News•Jan 26, 2026
New Fake CAPTCHA Scam Abuses Microsoft Tools to Install Amatera Stealer
Blackpoint Cyber uncovered a new fake CAPTCHA campaign that tricks users into executing a signed Microsoft script, SyncAppvPublishingServer.vbs, to install the Amatera Stealer malware. The attack directs victims to press Windows Key + R, paste a code, and run a command, while fetching...
By HackRead
News•Jan 26, 2026
$6,000 “Stanley” Toolkit Sold on Russian Forums Fakes Secure URLs in Chrome
A new crime‑ware toolkit called Stanley is being sold on Russian‑language forums for $2,000 to $6,000. The kit disguises itself as the Notely note‑taking extension and guarantees that its malicious Chrome extension will pass Google’s Web Store review. Once installed,...
By HackRead
News•Jan 23, 2026
Venezuelan Nationals Face Deportation After Multi State ATM Jackpotting Scheme
Two Venezuelan nationals were convicted of a multi‑state ATM jackpotting scheme that hit banks in South Carolina, Georgia, North Carolina and Virginia. Using laptops and custom malware, they opened older ATMs at night, forcing the machines to dispense cash until...
By HackRead
News•Jan 23, 2026
ShinyHunters Leak Alleged Data of Millions From SoundCloud, Crunchbase and Betterment
ShinyHunters announced a dark‑web leak of alleged databases from SoundCloud, Crunchbase and Betterment after their extortion attempts were rejected. The group posted .onion links on 22 January 2026, offering free access to the dumps. The claimed SoundCloud breach aligns with a December 2025...
By HackRead
News•Jan 22, 2026
Google to Pay $8.25M Settlement Over Child Data Tracking in Play Store
Google agreed to pay $8.25 million to resolve a class‑action lawsuit alleging that its Play Store “Designed for Families” program allowed developers to collect personal data from children under 13 without parental consent. The case centered on the AdMob advertising SDK,...
By HackRead
News•Jan 21, 2026
New Research Exposes Critical Gap: 64% of Third-Party Applications Access Sensitive Data Without Authorization
Reflectiz’s 2026 State of Web Exposure Research reveals that 64 % of third‑party applications on 4,700 leading websites access sensitive data without a legitimate business justification, up from 51 % a year earlier. The study also shows a sharp rise in malicious...
By HackRead
News•Jan 20, 2026
Everest Ransomware Claims McDonalds India Breach Involving Customer Data
Everest ransomware announced a breach of McDonald’s India, claiming to have stolen 861 GB of customer and internal data. The leaked material reportedly contains financial reports, ERP migration files, investor contact lists, and store‑level employee details. HackRead published screenshots to substantiate...
By HackRead
News•Jan 20, 2026
Airlock Digital Announces Independent TEI Study Quantifying Measurable ROI & Security Impact
Airlock Digital released an independent Total Economic Impact study by Forrester Consulting showing a 224% return on investment and a $3.8 million net present value over three years for its allow‑listing solution. The research reports more than a 25% reduction in...
By HackRead
News•Jan 20, 2026
Sprocket Security Appoints Eric Sheridan as Chief Technology Officer
Sprocket Security announced the appointment of Eric Sheridan as its new Chief Technology Officer. Sheridan brings decades of cybersecurity and software engineering experience, along with multiple patents, to guide the firm’s technology vision. In his role, he will oversee engineering...
By HackRead
News•Jan 20, 2026
RansomHouse Claims Data Breach at Major Apple Contractor Luxshare
RansomHouse, a ransomware‑extortion group, alleges it breached Luxshare Precision Industry, a major Apple manufacturing partner, and accessed sensitive engineering data such as 3D CAD and PCB files. The group posted a victim profile on its dark‑web leak site, listing Apple...
By HackRead
News•Jan 19, 2026
Mastang Panda Uses Venezuela News to Spread LOTUSLITE Malware
Acronis Threat Research Unit uncovered a new espionage campaign that uses a Venezuela‑related news lure to target U.S. government officials. The attack distributes a malicious DLL through DLL sideloading, hidden inside a renamed Tencent music player called “Maduro to be...
By HackRead
News•Jan 15, 2026
New PayPal Scam Sends Verified Invoices With Fake Support Numbers
Scammers are exploiting PayPal's official invoice feature to send verified emails that display the blue tick, making them appear authentic. The malicious invoices include a fake support phone number in the "Note to Customer" section, prompting recipients to call and...
By HackRead
News•Jan 15, 2026
GhostPoster Browser Malware Hid for 5 Years With 840,000 Installs
Researchers uncovered a five‑year browser‑extension malware campaign dubbed GhostPoster, which hid malicious code inside a PNG image to evade static analysis. The campaign spanned Chrome, Edge and Firefox, ultimately involving 18 extensions and more than 840,000 installations. Koi Security first...
By HackRead
News•Jan 15, 2026
New CastleLoader Variant Linked to 469 Infections Across Critical Sectors
Cyber‑security firm ANY.RUN has identified a new, more stealthy variant of the CastleLoader malware, now linked to 469 compromised devices across U.S. government agencies and European critical infrastructure. The loader uses a social‑engineering “ClickFix” prompt and Inno Setup/AutoIt to gain...
By HackRead
News•Jan 15, 2026
Years-Old Vulnerable Apache Struts 2 Versions See 387K Weekly Downloads
Sonatype researchers reported that over 387,000 downloads of Apache Struts 2 occurred in a single week, and 98% of those were for end‑of‑life versions vulnerable to CVE‑2025‑68493. The flaw, a high‑severity (8.8) unsafe XML parsing issue affecting versions 2.0.0 through 6.1.0,...
By HackRead
News•Jan 14, 2026
Structure and Reliability in E-Commerce Platforms
E‑commerce platforms depend on a robust technical foundation that goes beyond aesthetics. Scalability, security, speed, and continuous uptime are essential to handle traffic spikes, protect customer data, and maintain conversion rates. Managed hosting and automated backups simplify maintenance while platform‑specific...
By HackRead
News•Jan 14, 2026
Hacker Claims Full Breach of Russia’s Max Messenger, Threatens Public Leak
A hacker using the alias CamelliaBtw posted on DarkForums claiming a full breach of Russia’s Max Messenger, exfiltrating roughly 142 GB of data that includes 15.4 million user records, authentication tokens, passwords, communication metadata, source code, and internal infrastructure assets. The alleged...
By HackRead
News•Jan 14, 2026
Survey: Rapid AI Adoption Causes Major Cyber Risk Visibility Gaps
Panorays’ survey of 200 U.S. CISOs reveals that 60% consider AI vendors uniquely risky, yet only 22% have formal vetting processes. The rapid rollout of chat‑bots and AI agents is outpacing traditional third‑party risk controls, leaving most organizations with limited...
By HackRead
News•Jan 13, 2026
Widespread Magecart Campaign Targets Users of All Major Credit Cards
Silent Push researchers have uncovered a global Magecart campaign that has been skimming credit‑card data from all major networks since 2022. The attackers host malicious JavaScript on innocuous domains such as cdn‑cookie.com and erase the code when a WordPress admin bar...
By HackRead
News•Jan 13, 2026
Q4 2025 Malware Trends: Telegram Backdoor, Banking Trojans Surge, Joker Returns to Google Play
Doctor Web’s Q4 2025 mobile‑malware report reveals a modified Telegram X app delivering the Android.Backdoor.Baohuo.1.origin backdoor, compromising roughly 58,000 Android devices across phones, tablets, smart TVs and in‑car systems. The same period saw a 65% surge in Android banking trojans and the re‑appearance...
By HackRead
News•Jan 12, 2026
5 Best Secure Container Images for Modern Applications (2026)
Modern applications now treat secure container images as a prerequisite for rapid delivery, not a optional add‑on. By 2026, tools like Echo, Sysdig and Aqua Security automate CVE removal, risk prioritization, and policy enforcement across CI/CD pipelines. The article outlines...
By HackRead
News•Jan 12, 2026
Fake Employee Reports Spread Guloader and Remcos RAT Malware
AhnLab Security Intelligence Center uncovered a phishing campaign that disguises malicious attachments as fake employee performance reports. The email, posing as HR, includes a compressed file named "staff record pdf.exe" which, when executed, deploys the Guloader loader. Guloader then retrieves...
By HackRead
News•Jan 12, 2026
Cybersecurity in the Public Sector: Challenges, Strategies and Best Practices
Cyber attacks on government entities have surged, rising more than 40% in recent years, driven by motives ranging from political influence to lucrative data theft. Legacy platforms, chronic under‑funding, and a shortage of skilled analysts leave the public sector vulnerable....
By HackRead
News•Jan 12, 2026
Everest Ransomware Claims Breach at Nissan, Says 900GB of Data Stolen
Everest ransomware announced on Jan 10, 2026 that it breached Nissan Motor Corp and exfiltrated roughly 900 GB of data, posting screenshots of ZIP archives, spreadsheets and CSV files on its dark‑web leak site. The leaked directory structure suggests access to dealership records,...
By HackRead
News•Jan 11, 2026
Europol Raids Disrupt Black Axe Cybercrime Ring in Spain
International law enforcement, led by Spain’s National Police, German authorities, and Europol, raided Black Axe cells in Spain, arresting 34 suspects across Seville, Madrid, Málaga and Barcelona. The criminal syndicate, originating in Nigeria with about 30,000 members, is responsible for...
By HackRead
News•Jan 10, 2026
Database of 323,986 BreachForums Users Leaked as Admin Disputes Scope
On January 9 2026 a database containing 323,986 BreachForums user records was posted on the ShinyHunters site. The dump includes MySQL metadata, email addresses, display names, Argon2i password hashes and links to external accounts such as Telegram. BreachForums administrators claim the data...
By HackRead
News•Jan 9, 2026
Why AI-Powered Cyber Defense Is No Longer Optional for Modern Businesses
AI-driven cyber defense has shifted from optional to essential as threats become faster, more sophisticated, and harder to detect with legacy tools. Machine‑learning models analyze massive network and user‑behavior data in real time, flagging anomalies and enabling automated response. Companies...
By HackRead
News•Jan 9, 2026
Hacker Behind Wired.com Leak Now Selling Full 40M Condé Nast Records
A hacker using the alias “Lovely” is now offering nearly 40 million Condé Nast user records for sale, expanding on a prior leak of 2.3 million Wired.com accounts. The alleged dataset spans dozens of Condé Nast‑owned sites, including high‑traffic titles such as Vanity Fair,...
By HackRead
News•Jan 9, 2026
$15 Billion Pig Butchering Scam Boss Chen Zhi Extradited to China
Chinese authorities extradited billionaire Chen Zhi and two associates from Cambodia to face charges linked to the Prince Group’s $15 billion Bitcoin‑based pig‑butchering operation. The joint China‑Cambodia investigation uncovered forced‑labour scam compounds, seized the largest cryptocurrency haul in history, and triggered...
By HackRead