Tag: group
-
Russian hackers breached Polish power grid thanks to bad security, report says
The Polish government accused a Russian government hacking group of hacking into energy facilities taking advantage of default usernames and passwords. First seen on techcrunch.com Jump to article: techcrunch.com/2026/01/30/russian-hackers-breached-polish-power-grid-thanks-to-bad-security-report-says/
-
Labyrinth Chollima Evolves into Three North Korean Hacking Groups
CrowdStrike assessed that two new threat actor groups have spun off from North Korean Labyrinth Chollima hackers First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/labyrinth-chollima-dprk-three/
-
Dating-app giants investigate incidents after cybercriminals claim to steal data
Bumble and Match said they each recently responded to network intrusions. The group ShinyHunters claimed to have stolen data from both. First seen on therecord.media Jump to article: therecord.media/bumble-match-dating-apps-data-breaches
-
Security work keeps expanding, even with AI in the mix
Board attention continues to rise, and security groups now operate closer to executive decision making than in prior years, a pattern reflected the Voice of Security 2026 … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/30/central-role-ai-security-workflows/
-
Chinese APTs Hacking Asian Orgs With High-End Malware
Advanced persistent threat (APT) groups have deployed new cyber weapons against a variety of targets, highlighting the increasing threats to the region. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/chinese-apts-asian-orgs-high-end-malware
-
Google disrupts IPIDEA residential proxy networks fueled by malware
IPIDEA, one of the largest residential proxy networks used by threat actors, was disrupted earlier this week by Google Threat Intelligence Group (GTIG) in collaboration with industry partners. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/google-disrupts-ipidea-residential-proxy-networks-fueled-by-malware/
-
Match Group breach exposes data from Hinge, Tinder, OkCupid, and Match
Match Group, the owner of multiple popular online dating services, Tinder, Match.com, Meetic, OkCupid, and Hinge, confirmed a cybersecurity incident that compromised user data. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/match-group-breach-exposes-data-from-hinge-tinder-okcupid-and-match/
-
Google disrupts proxy network used by 550+ threat groups
Google has disrupted Ipidea, a massive residential proxy network consisting of user devices that are being used as the last-mile link in cyberattack chains. >>In a single … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/29/ipidea-proxy-network-disrupted/
-
ShinyHunters swipes right on 10M records in alleged dating app data grab
Extortion crew says it’s found love in someone else’s info as Match Group plays down the impact First seen on theregister.com Jump to article: www.theregister.com/2026/01/29/shinyhunters_match_group/
-
Notorious Russia-based RAMP cybercrime forum apparently seized by FBI
RAMP was used by Russian, Chinese and English-speaking cybercriminals and particularly catered to ransomware groups and their affiliates. First seen on therecord.media Jump to article: therecord.media/notorious-russia-based-ramp-forum-seized
-
Ransomware Victim Numbers Rise, Despite Drop in Active Extortion Groups
Ransomware victims surged in Q4 2025 despite fewer active extortion groups, with data leaks rising 50%, ReliaQuest researchers report First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ransomware-numbers-rise-despite/
-
Long-running North Korea threat group splits into 3 distinct operations
The trio, which share lineage with the more broadly defined Lazarus Group, are focused on espionage and cryptocurrency theft, according to CrowdStrike. First seen on cyberscoop.com Jump to article: cyberscoop.com/north-korea-labyrinth-chollima-splits-crowdstrike/
-
Nation-state and criminal actors leverage WinRAR flaw in attacks
Multiple threat actors exploited a now-patched critical WinRAR flaw to gain initial access and deliver various malicious payloads. Google Threat Intelligence Group (GTIG) revealed that multiple threat actors, including APTs and financially motivated groups, are exploiting the CVE-2025-8088 flaw in RARLAB WinRAR to establish initial access and deploy a diverse array of payloads. The WinRAR…
-
Bumble, Panera Bread, Match Group, and CrunchBase Hit by New Wave of Cyberattacks
A new wave of cyberattacks has recently struck several prominent U.S. companies, including Bumble Inc., Panera Bread Co., Match Group Inc., and CrunchBase. Bumble Inc., the parent company of dating apps Bumble, Badoo, and BFF, reported that one of its contractor accounts was compromised in a phishing incident. First seen on thecyberexpress.com Jump to article:…
-
What motivates hackers and what makes them walk away
Most hackers spend more time learning, testing, and comparing notes than breaking into systems. The work often happens alone or in small groups, shaped by curiosity, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/29/bugcrowd-hacker-community-research/
-
What motivates hackers and what makes them walk away
Most hackers spend more time learning, testing, and comparing notes than breaking into systems. The work often happens alone or in small groups, shaped by curiosity, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/29/bugcrowd-hacker-community-research/
-
Crooks are hijacking and reselling AI infrastructure: Report
Tags: access, ai, api, attack, authentication, business, cloud, communications, control, credentials, cybersecurity, data, data-breach, endpoint, exploit, firewall, group, infosec, infrastructure, intelligence, Internet, LLM, malicious, marketplace, risk, service, skills, technology, theft, threat, training, vulnerabilityexposed endpoints on default ports of common LLM inference services;unauthenticated API access without proper access controls;development/staging environments with public IP addresses;MCP servers connecting LLMs to file systems, databases and internal APIs.Common misconfigurations leveraged by these threat actors include:Ollama running on port 11434 without authentication;OpenAI-compatible APIs on port 8000 exposed to the internet;MCP servers accessible without…
-
Hackers Still Using Patched WinRAR Flaw for Malware Drops, Warns Google
The Google Threat Intelligence Group (GTIG) warns that nation-state actors and financially motivated threat actors are exploiting a… First seen on hackread.com Jump to article: hackread.com/hackers-patch-winrar-flaw-malware-google/
-
Google Warns of Active Exploitation of WinRAR Vulnerability CVE-2025-8088
Google on Tuesday revealed that multiple threat actors, including nation-state adversaries and financially motivated groups, are exploiting a now-patched critical security flaw in RARLAB WinRAR to establish initial access and deploy a diverse array of payloads.”Discovered and patched in July 2025, government-backed threat actors linked to Russia and China as well as financially motivated First…
-
Skills CISOs need to master in 2026
Tags: access, ai, business, ciso, cloud, compliance, credentials, cyber, cybersecurity, data, endpoint, finance, firewall, group, Hardware, identity, infrastructure, intelligence, jobs, resilience, risk, risk-management, skills, strategy, threat, tool, trainingTop technical skills: In addition to strong knowledge of AI systems, today’s CISOs need a solid foundation in the technologies that define modern enterprise environments. The (ISC)² CISSP is still widely regarded as the gold standard for broad expertise in security architecture, risk management, and governance. “Regulators will expect this, and it still appears in…
-
Cybercriminals and nation-state groups are exploiting a six-month old WinRAR defect
Nation-state groups are consistently exploiting the defect to target victims in military, government and technology for espionage. First seen on cyberscoop.com Jump to article: cyberscoop.com/winrar-defect-active-exploits-google-threat-intel/
-
Chinese Mustang Panda hackers deploy infostealers via CoolClient backdoor
The Chinese espionage threat group Mustang Panda has updated its CoolClient backdoor to a new variant that can steal login data from browsers and monitor the clipboard. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/chinese-mustang-panda-hackers-deploy-infostealers-via-coolclient-backdoor/
-
NDSS 2025 On the Robustness Of LDP Protocols For Numerical Attributes Under Data Poisoning Attacks
Session 10C: Privacy Preservation Authors, Creators & Presenters: Xiaoguang Li (Xidian University, Purdue University), Zitao Li (Alibaba Group (U.S.) Inc.), Ninghui Li (Purdue University), Wenhai Sun (Purdue University, West Lafayette, USA) PAPER On the Robustness of LDP Protocols for Numerical Attributes under Data Poisoning Attacks Recent studies reveal that local differential privacy (LDP) protocols are…
-
ShinyHunters Target 100+ Firms Using Phone Calls to Bypass SSO Security
ShinyHunters is driving attacks on 100+ organisations, using vishing and fake login pages with allied groups to bypass SSO and steal company data, reports Silent Push. First seen on hackread.com Jump to article: hackread.com/shinyhunters-target-firms-bypass-sso-security/
-
APT Attacks Target Indian Government Using SHEETCREEP, FIREPOWER, and MAILCREEP – Part 2
Tags: access, ai, api, apt, attack, backdoor, backup, cloud, control, credentials, data, dns, email, exploit, github, google, government, group, india, infection, infrastructure, Internet, linux, malicious, malware, microsoft, monitoring, network, phishing, powershell, programming, service, tactics, threat, tool, update, windowsThis is Part 2 of our two-part technical analysis on the Gopher Strike and Sheet Attack campaigns. For details on the Gopher Strike campaign, go to Part 1.IntroductionIn September 2025, Zscaler ThreatLabz uncovered three additional backdoors, SHEETCREEP, FIREPOWER, and MAILCREEP, used to power the Sheet Attack campaign. In Part 2 of this series, ThreatLabz will…
-
WorldLeaks Extortion Group Claims It Stole 1.4TB of Nike Data
The sportswear brand is investigating an alleged breach of its network that exposed some 188,347 files of highly sensitive corporate data. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/worldeaks-extortion-group-stole-1.4tb-nike-data
-
China-linked group accused of spying on phones of UK prime ministers’ aides for years
Reports say Salt Typhoon attackers accessed handsets of senior govt folk First seen on theregister.com Jump to article: www.theregister.com/2026/01/27/chinalinked_hackers_accused_of_yearslong/
-
From Cipher to Fear: The psychology behind modern ransomware extortion
Modern ransomware has shifted from encryption to psychological extortion that exploits fear, liability, and exposure. Flare shows how today’s ransomware groups weaponize stolen data and pressure tactics to force payment. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/from-cipher-to-fear-the-psychology-behind-modern-ransomware-extortion/