07-Sep-2025: GitHub GhostAction Breach and MTA Ransomware Drama Unfold

Welcome to Hacked dAily, the first AI-driven cybersecurity podcast brought to you by Cytadel Cyber. Stay tuned for today's top stories on the latest developments and threats in the cyber realm. First, the FBI is alerting organizations about cyberattacks utilizing HiatusRAT malware. This insidious malware targets network devices such as web cameras and DVRs, compromising security and privacy by granting hackers unauthorized access and control. Next, the Mask APT group, also known as Careto, has resurfaced with more advanced malware capable of targeting multiple platforms, including Windows, macOS, and Linux. The sophistication of these attacks poses increased risks to governments and businesses worldwide. In other news, cybercriminals are deploying malicious ads with fake CAPTCHA pages to spread the Lumma infostealer. This tactic deceives users into downloading the malware, leading to the theft of credentials and financial information. Stay vigilant in verifying online security checks to avoid falling prey. Additionally, the US Marshals Service faces a second ransomware attack within two years. This breach underscores the urgent need for enhanced cybersecurity measures to protect sensitive government data. Lastly, beware of a new investment scam leveraging AI and social media ads. These scams utilize fake testimonials and professional profiles to lure unsuspecting investors, emphasizing the importance of verifying investment opportunities. Join us tomorrow for another episode of Hacked dAily. Stay safe, stay secure.This episode is sponsored by Cytadel Cyber. Specialist in Ransomware Readiness Assessments, Threat Intel-Led Red Teaming, AI DeepFakes, AI Voice Cloning and AI Vishing Simulations. Cyatdel helps you test your cyber resilience against the threats of today, keeping your data secure. Checkout cytadel.co.uk for more information.

17 Des 20243min

Welcome to Hacked dAily, the first AI-driven cybersecurity podcast brought to you by Cytadel Cyber. Stay updated on the latest in cyber threats and security trends every day. In today's top stories, the Ukraine-Russia conflict takes a disturbing turn as reports surface about Ukrainian minors being recruited for cyber operations. This development raises serious ethical concerns about the involvement of children in war-torn regions. Google's advertising platform becomes a battleground with a new phishing campaign targeting Kaiser Permanente employees. The attackers impersonated the health care company's HR portal and used a fake browser update to deploy the SocGholish malware, highlighting ongoing threats in search ads. Data theft makes headlines again as the Clop ransomware group claims to have infiltrated Cleo company's systems, exfiltrating sensitive information. This incident underscores the growing sophistication of ransomware attacks on businesses. In other news, Rhode Island's RIBridges system faces a ransomware threat, prompting potential data leaks and urging users to enhance their security measures. The state ensures affected households are informed about accessing free credit monitoring. Finally, we address a rising threat to AI industries with 'TPUXtract.' This new vulnerability allows attackers to extract AI models from Tensor Processing Units, emphasizing the urgent need for safeguarding AI intellectual property. Stay tuned for more updates on "Hacked dAily." Protecting your digital world starts with staying informed.This episode is sponsored by Cytadel Cyber. Specialist in Ransomware Readiness Assessments, Threat Intel-Led Red Teaming, AI DeepFakes, AI Voice Cloning and AI Vishing Simulations. Cyatdel helps you test your cyber resilience against the threats of today, keeping your data secure. Checkout cytadel.co.uk for more information.

16 Des 20243min

Welcome to Hacked dAily, the first AI-driven cybersecurity podcast by Cytadel Cyber, your daily dose of the latest in the fast-evolving world of cybersecurity. In today's episode, we discuss a significant breach affecting WordPress. A supply chain attack has compromised around 390,000 accounts, infiltrating through a third-party component. Users are advised to change their passwords and verify the integrity of their plugins and themes. Next, we delve into Krispy Kreme's recent cyberattack that hit its US online ordering systems. This incident serves as a stark reminder of the importance of robust cybersecurity strategies across all industries. Current investigations are underway, with no confirmation yet on compromised customer data. In international news, the Russian cyber espionage group, Turla, has developed Android spyware targeting Ukrainian users. Disguised as a pro-Ukrainian app, this sophisticated malware reflects the growing complexity of state-sponsored cyber threats. Additionally, a ransomware attack has plagued a critical supplier, affecting operations at Starbucks and major UK supermarkets, resulting in significant supply chain disruptions. Finally, we discuss a survey highlighting AI-enhanced cyberattacks as a major threat to API security. These sophisticated attacks challenge current security frameworks, stressing the need for advanced protection measures. Stay tuned for today's insights and expert analysis on Hacked dAily.This episode is sponsored by Cytadel Cyber. Specialist in Ransomware Readiness Assessments, Threat Intel-Led Red Teaming, AI DeepFakes, AI Voice Cloning and AI Vishing Simulations. Cyatdel helps you test your cyber resilience against the threats of today, keeping your data secure. Checkout cytadel.co.uk for more information.

15 Des 20243min

Welcome to Hacked dAily, the first AI-driven cybersecurity podcast brought to you by Cytadel Cyber, unraveling the latest in cyber threats and defenses! In today's episode, we dive into the emergence of PUMAKIT, a new Linux rootkit employing advanced stealth techniques to outsmart existing security measures. Discover how this malware is making waves in the cybersecurity landscape and why experts are on high alert. We also examine the warning from security analysts about an increase in zero-day exploits targeting Cleo Managed File Transfer systems. With potential risks to data integrity and confidentiality, we discuss the urgent need for enhanced defense strategies and patch management for organizations using Cleo’s solutions. In another critical update, our focus shifts to the vulnerabilities in Prometheus. Over 330,000 instances of this open-source monitoring platform are at risk due to default security settings, leaving systems exposed to denial-of-service attacks. Learn why it's essential to implement stringent security practices now. Elsewhere, we reflect on the infamous WannaCry ransomware attack, a stark reminder of the disruptive power of cyber threats and the importance of robust cybersecurity measures. Finally, we explore the collaborative world of open-source generative AI security tools. By embracing community-driven innovation, these tools promise to fortify defenses against AI-generated threats. Stay ahead of threats with Hacked dAily!This episode is sponsored by Cytadel Cyber. Specialist in Ransomware Readiness Assessments, Threat Intel-Led Red Teaming, AI DeepFakes, AI Voice Cloning and AI Vishing Simulations. Cyatdel helps you test your cyber resilience against the threats of today, keeping your data secure. Checkout cytadel.co.uk for more information.

14 Des 20243min

Welcome to Hacked dAily, the first AI-driven cybersecurity podcast by Cytadel Cyber, bringing you the latest in cyber news and security breakthroughs every day. In today's episode, we cover some of the most pressing issues in the cybersecurity world. First, the FBI has shut down the Rydox Marketplace, a notorious platform for selling personal data, seizing $225,000 in cryptocurrency linked to over 7,600 illicit sales. This operation strikes a major blow against online data trafficking. Next, a newly discovered symlink exploit threatens Apple's TCC privacy framework in iOS and macOS systems, raising alarms about the potential for unauthorized data access by malicious apps without user consent. We also delve into a new "vishing" tactic using Microsoft Teams, where cybercriminals impersonate IT support to install DarkGate malware in corporate systems. This highlights the need for robust security measures in virtual communication tools. In other news, Rutherford County Schools in Tennessee face a ransomware attack with hackers demanding 20 Bitcoin, but school officials refuse to pay, focusing instead on strengthening cybersecurity after staff data appeared on the dark web. Finally, businesses are leveraging AI and open data to better manage third-party risks, improving both security protocols and operational efficiency. Stay tuned for these stories and more tomorrow on Hacked dAily.This episode is sponsored by Cytadel Cyber. Specialist in Ransomware Readiness Assessments, Threat Intel-Led Red Teaming, AI DeepFakes, AI Voice Cloning and AI Vishing Simulations. Cyatdel helps you test your cyber resilience against the threats of today, keeping your data secure. Checkout cytadel.co.uk for more information.

13 Des 20243min

Welcome to Hacked dAily, the first AI-Driven Cybersecurity Podcast by Cytadel Cyber, where we bring you the latest and most important cybersecurity news in just a few minutes each day. Today, we discuss a major global outage affecting millions of Facebook, Instagram, and WhatsApp users. The connectivity issues left users unable to access their accounts or share content for hours, with the cause still shrouded in mystery. In other news, OpenAI faces a similar disruption as their popular AI services, including ChatGPT and Sora, experienced a worldwide outage. OpenAI is swiftly working towards restoring full functionality. A significant victory for Europol as they dismantle 27 platforms used for DDoS attacks across 15 countries, resulting in numerous arrests and demonstrating international cooperation against cyber threats. On a different front, a cardiac surgery device manufacturer suffers a ransomware attack, jeopardizing sensitive data and raising alarms about the security of medical devices and patient information. Investigations are underway to assess the impact. Lastly, Deloitte's 2025 Tech Trends report highlights AI's growing role as a seamless, hidden force in the workplace, set to massively boost decision-making and efficiency. Join us daily as we delve into the latest happenings in the cyber world, only on Hacked dAily.This episode is sponsored by Cytadel Cyber. Specialist in Ransomware Readiness Assessments, Threat Intel-Led Red Teaming, AI DeepFakes, AI Voice Cloning and AI Vishing Simulations. Cyatdel helps you test your cyber resilience against the threats of today, keeping your data secure. Checkout cytadel.co.uk for more information.

12 Des 20243min

Welcome to Hacked dAily, the first AI-Driven Cybersecurity Podcast, by Cytadel Cyber. Stay informed with the latest in cyber threats and security updates in just a few minutes each day. In today's episode, we dive into a sophisticated fraud scheme in the UAE where cybercriminals are impersonating Dubai Police to trick residents into paying fake fines. This scam has intensified during the festive UAE National Day period, catching many off-guard. Next, we explore a massive data breach caused by misconfigurations in Amazon Web Services. The breach has exposed sensitive data from multiple high-profile companies, highlighting the urgent need for improved cloud security practices. A popular senior dating website has suffered a significant data breach, compromising the personal information of over 765,000 users. This incident raises critical concerns over the privacy and security of personal data on digital platforms. In Ohio, a ransomware attack has crippled emergency services, forcing a return to manual operations and causing public safety concerns. Efforts are underway to restore systems, though the timeline remains uncertain. Finally, we discuss the rising threat of AI-powered vishing scams. These deepfake technologies make it increasingly challenging to trust voice communications, prompting organizations to invest in advanced security measures and continuous employee training. Tune in daily to Hacked dAily for your essential cybersecurity updates. Stay safe, stay informed.This episode is sponsored by Cytadel Cyber. Specialist in Ransomware Readiness Assessments, Threat Intel-Led Red Teaming, AI DeepFakes, AI Voice Cloning and AI Vishing Simulations. Cyatdel helps you test your cyber resilience against the threats of today, keeping your data secure. Checkout cytadel.co.uk for more information.

11 Des 20243min

Welcome to Hacked dAily, the first AI-driven cybersecurity podcast by Cytadel Cyber, where we bring you the latest in cybersecurity news and developments every day. In today's top stories, we discover that Romanian energy provider Electrica Group recently experienced a cyber attack. Despite temporary disruptions, they ensured that their critical infrastructure remains safe while working closely with national cybersecurity agencies. Next, an alarming trend has emerged as cyber attackers exploit QR codes to bypass browser isolation security measures, redirecting unsuspecting users to malicious websites. Caution is advised when scanning QR codes. We also delve into the digital finance world where North Korean hackers orchestrated a $50 million cryptocurrency heist, targeting multiple digital wallets. This adds to the rising threat of North Korean cyber activities globally. In other news, a ransomware attack hit the U.S. subsidiary of a Japanese water treatment company, causing operational disruptions and spotlighting vulnerabilities in essential infrastructure sectors. Finally, a staggering 77% of enterprises report falling victim to adversarial AI attacks, highlighting a critical challenge for Security Operations Centers. As businesses rush to bolster defenses, the focus sharpens on developing more robust strategies to tackle this pressing issue. Stay tuned to Hacked dAily for all your cybersecurity updates, and ensure you're informed about the threats and trends impacting the digital world today.This episode is sponsored by Cytadel Cyber. Specialist in Ransomware Readiness Assessments, Threat Intel-Led Red Teaming, AI DeepFakes, AI Voice Cloning and AI Vishing Simulations. Cyatdel helps you test your cyber resilience against the threats of today, keeping your data secure. Checkout cytadel.co.uk for more information.

10 Des 20243min