‘ChatGPT Tainted Memories’ Exploit Enables Command Injection in Atlas Browser
LayerX Security found a flaw in OpenAI’s ChatGPT Atlas browser that lets attackers inject commands into its memory, posing major security and phishing risks.
Hack Read
nsKnox Launches Adaptive Payment Security™, Revolutionizing B2B Fraud Prevention by Solving the ‘Impossible Triangle’ of Speed, Certainty, and Effort
New York, New York, USA, 27th October 2025, CyberNewsWire
DomeWatch Leak Exposed Personal Data of Capitol Hill Applicants
Unsecured House Democrats' resume bank (DomeWatch) exposed 7,000 records, including PII and "top secret" clearance status, raising identity theft fears.
1inch partners with Innerworks to strengthen DeFi security through AI-Powered threat detection
London, United Kingdom, 27th October 2025, CyberNewsWire
New HyperRat Android Malware Sold as Ready-Made Spy Tool
Researchers have uncovered HyperRat, a new Android malware sold as a service, giving attackers remote control, data theft tools, and mass phishing features.
X to Retire Twitter.com, Users Must Re-Register Security Keys by Nov 10
X (formerly Twitter) is asking users with security keys to re-enroll by Nov 10 as it moves logins from twitter.com to x.com for continued 2FA access.
Everest Ransomware Says It Stole 1.5M Dublin Airport Passenger Records
Everest ransomware group claims to have stolen 1.5 million passenger records from Dublin Airport and personal data of 18,000 Air Arabia employees in latest breaches.
Pwn2Own Ireland 2025: The Hacks, The Winners, and The Big Payouts
Hackers earned over $1 million at Pwn2Own Ireland 2025 in Cork, breaching printers, routers, NAS devices, and more as Summoning Team claimed Master of Pwn.
AI for the Financial Sector: How Strategy Consulting Helps You Navigate Risk
The financial industry is transforming as artificial intelligence (AI) is becoming an integral tool for managing operations, improving…
Everest Ransomware Claims AT&T Careers Breach with 576K Records
Everest ransomware group claims a breach of AT&T Careers, alleging theft of 576,000 applicant and employee records locked behind a password-protected listing.
Arsen Launches Smishing Simulation to Help Companies Defend Against Mobile Phishing Threats
Paris, France, 24th October 2025, CyberNewsWire
Baohuo Android Malware Hijacks Telegram Accounts via Fake Telegram X
New Android malware Baohuo hijacks Telegram X accounts, stealing data and controlling chats. Over 58,000 devices infected, mainly in India and Brazil.
Medusa Ransomware Leaks 834 GB of Comcast Data After $1.2M Demand
Medusa ransomware leaks 186 GB of Comcast data, claiming 834 GB stolen after a $1.2M ransom demand apparently went unpaid.
Shadow Escape 0-Click Attack in AI Assistants Puts Trillions of Records at Risk
Operant AI reveals Shadow Escape, a zero-click attack using the MCP flaw in ChatGPT, Gemini, and Claude to secretly steal trillions of SSNs and financial data. Traditional security is blind to this new AI threat.
AI Sidebar Spoofing Attack: SquareX Uncovers Malicious Extensions that Impersonate AI Browser Sidebars
Palo Alto, California, 23rd October 2025, CyberNewsWire
183 Million Synthient Stealer Credentials Added to Have I Been Pwned
Massive Synthient Stealer Log leak adds 183 million stolen usernames and passwords to Have I Been Pwned, exposing new victims worldwide.
PhantomCaptcha RAT Attack Targets Aid Groups Supporting Ukraine
SentinelLABS’ research reveals PhantomCaptcha, a highly coordinated, one-day cyber operation on Oct 8, 2025, targeting the International Red Cross, UNICEF, and Ukraine government groups using fake emails and a Remote Access Trojan (RAT) linked to Russian infrastructure.
GlassWorm Malware Targets Developers Through OpenVSX Marketplace
GlassWorm, a self-propagating malware, infects VS Code extensions through the OpenVSX marketplace, stealing credentials and using blockchain for control.
Bitter APT Exploiting Old WinRAR Vulnerability in New Backdoor Attacks
South Asian hacking group Bitter (APT-Q-37) is deploying a C# backdoor using two new methods: a WinRAR flaw and malicious Office XLAM files, targeting government and military sectors.
Rival Hackers Dox Alleged Operators of Lumma Stealer
Rival hackers expose the alleged operators behind Lumma Stealer, a major data-theft malware, causing leaks and internal chaos that have slowed its growth.
