New Reaper Malware Uses Fake Microsoft Domain to Steal macOS Passwords
The newly discovered Reaper malware bypasses Apple's macOS Tahoe 26.4 security updates to steal passwords, crypto assets, and install a permanent backdoor.
HackRead
20 articles
10 Tips for Phrasing Employee Feedback in Reviews
Performance reviews inside cybersecurity teams carry unusually high stakes.
Government Backed Hackers Abuse Cloudflare in Malaysian Espionage Campaign
A campaign linked to a suspected Malaysian government operation has been using hidden command and control infrastructure for…
Continuous Detection, Continuous Response: Mate Security Redefines the Modern SOC
New York, USA, 18th May 2026, CyberNewswire
The Gentlemen Ransomware Gang Hit by Internal Breach, Operations Exposed
The Gentlemen ransomware gang suffered an internal breach in May 2026, exposing victim data, affiliate activity, and backend operations.
Closing the Gap: The Regulatory and Structural Maturation of Digital Assets
Digital assets are reshaping global finance as institutions adopt regulated crypto infrastructure, stablecoins, and tokenized assets.
Scammers Send Physical Phishing Letters to Steal Ledger Wallet Seed Phrases
Scammers are mailing fake Ledger phishing letters to users in Italy with QR codes that trick crypto wallet users into revealing seed phrases.
Grafana Says It Rejected Ransom Demand After Source Code Theft
Grafana says hackers stole its source code after accessing a GitHub token, but no customer data or systems were affected.
AI Voice Cloning: The Technology Behind It, Who’s Building It, and Where It’s Headed
Explore AI voice cloning technology, leading companies, real-world uses, ethical risks, and future trends shaping synthetic voices.
Critical ‘Claw Chain’ Vulnerabilities Put Thousands of OpenClaw AI Servers at Risk
Critical Claw Chain vulnerabilities in OpenClaw expose thousands of AI servers to data theft, backdoors, and admin-level attacks globally this week. .
The Next Cybersecurity Challenge May Be Verifying AI Agents
AI agents are reshaping cybersecurity. Learn why verification, trusted identity standards, and runtime controls are now essential.
Hackers Use PyInstaller and AMSI Patching to Deliver XWorm RAT v7.4
Hackers are hiding XWorm malware in PyInstaller files to bypass Windows security, steal data and remotely control devices through ads.
CalPhishing Scam Uses EvilTokens Kit, Outlook Invites to Steal M365 Sessions
Hackers are exploiting Outlook calendar invites and device code phishing to steal M365 session tokens, bypass MFA and breach enterprise accounts.
Fake Job Interview Apps Drop JobStealer Malware on Windows and macOS
Hackers are using Fake interview apps to spread JobStealer malware on macOS and Windows to steal crypto wallets, browser data, and passwords.
How Fintech APIs Are Modernizing Business Cash Flow Management
Business cash flow is often harder to manage than revenue.
FamousSparrow Targeted Oil and Gas Industry via MS Exchange Server Exploit
Bitdefender Labs reveals how the China-linked FamousSparrow hacking group targeted an Azerbaijani energy firm using ProxyNotShell, Deed RAT,…
China-Linked Twill Typhoon Uses Fake Apple and Yahoo Sites for Espionage
A new Darktrace report reveals how Chinese hackers use fake Apple and Yahoo sites and the FDMTP malware framework to spy on organisations.
TeamPCP Claims Sale of Mistral AI Repositories Amid Mini Shai-Hulud Attack
TeamPCP claims to be selling alleged Mistral AI repositories on a hacker forum after the Mini Shai-Hulud attack targeted npm and PyPI ecosystems.
Instructure Reaches Deal with ShinyHunters to Prevent Canvas Data Leak
Instructure has reached an agreement with the ShinyHunters group to return and destroy stolen Canvas data, protecting millions of student records from a publ...
TeamPCP Used Mini Shai-Hulud Worm to Poison Over 400 npm and PyPI Packages
Research reveals that TeamPCP hijacked OIDC tokens to poison hundreds of TanStack, Mistral AI, and UiPath packages with the self-propagating Mini Shai-Hulud ...