Security
Headlines
HeadlinesLatestCVEs

Latest News

UK Retail Giant Co-op Shuts Down IT Systems After Cyberattack Attempt

Retailer Acts Swiftly to Limit Threat as UK Retail Sector Faces Growing Digital Risks

HackRead
Open in Source
#git
Google Introduces Agentic AI to Combat Cybersecurity Threats

Google enhances cybersecurity with Agentic AI, launching Unified Security to fight zero-day exploits, enterprise threats, and credential-based attacks.…

[Free Webinar] Guide to Securing Your Entire Identity Lifecycle Against AI-Powered Threats

How Many Gaps Are Hiding in Your Identity System? It’s not just about logins anymore. Today’s attackers don’t need to “hack” in—they can trick their way in. Deepfakes, impersonation scams, and AI-powered social engineering are helping them bypass traditional defenses and slip through unnoticed. Once inside, they can take over accounts, move laterally, and cause long-term damage—all without

China Hackers Used Trojanized UyghurEditPP App to Target Uyghur Activists

China-linked hackers targeted Uyghur activists using a Trojanized UyghurEditPP app in a spear-phishing campaign, Citizen Lab researchers reveal.…

Chinese Hackers Abuse IPv6 SLAAC for AitM Attacks via Spellbinder Lateral Movement Tool

A China-aligned advanced persistent threat (APT) group called TheWizards has been linked to a lateral movement tool called Spellbinder that can facilitate adversary-in-the-middle (AitM) attacks. "Spellbinder enables adversary-in-the-middle (AitM) attacks, through IPv6 stateless address autoconfiguration (SLAAC) spoofing, to move laterally in the compromised network, intercepting packets and

Customer Account Takeovers: The Multi-Billion Dollar Problem You Don’t Know About

Everyone has cybersecurity stories involving family members. Here’s a relatively common one. The conversation usually goes something like this:  “The strangest thing happened to my streaming account. I got locked out of my account, so I had to change my password. When I logged back in, all my shows were gone. Everything was in Spanish and there were all these Spanish shows I’ve never seen

RansomHub Went Dark April 1; Affiliates Fled to Qilin, DragonForce Claimed Control

Cybersecurity researchers have revealed that RansomHub's online infrastructure has "inexplicably" gone offline as of April 1, 2025, prompting concerns among affiliates of the ransomware-as-a-service (RaaS) operation. Singaporean cybersecurity company Group-IB said that this may have caused affiliates to migrate to Qilin, given that "disclosures on its DLS [data leak site] have doubled since

Meta Launches LlamaFirewall Framework to Stop AI Jailbreaks, Injections, and Insecure Code

Meta on Tuesday announced LlamaFirewall, an open-source framework designed to secure artificial intelligence (AI) systems against emerging cyber risks such as prompt injection, jailbreaks, and insecure code, among others. The framework, the company said, incorporates three guardrails, including PromptGuard 2, Agent Alignment Checks, and CodeShield. PromptGuard 2 is designed to detect direct

Indian Court Orders Action to Block Proton Mail Over AI Deepfake Abuse Allegations

A high court in the Indian state of Karnataka has ordered the blocking of end-to-end encrypted email provider Proton Mail across the country. The High Court of Karnataka, on April 29, said the ruling was in response to a legal complaint filed by M Moser Design Associated India Pvt Ltd in January 2025. The complaint alleged its staff had received e-mails containing obscene, abusive