Tag: group
-
13 new critical holes in JavaScript sandbox allow execution of arbitrary code
VM.run() can obtain host process object and runs host commands with zero co-operation from the host.However, researchers at Socket told us in an email that the advisory about this escape says it has been confirmed only on Node.js 25.6.1, and requires a Node.js version with WebAssembly exception handling and JSTag support.The highest-risk scenario, they said, would be an…
-
LinkedIn illegally blocking free accounts from seeing ‘who’s viewed your profile’ data, group alleges
Right to view: LinkedIn will doubtless point out to the Austrian Data Protection Authority that all users, including free subscribers, can opt out of having their profile visit made visible by toggling off the feature in Settings/Visibility tab/’Visibility when viewing other profiles’. Then each visit a user makes to another profile is recorded as one…
-
Hackers deface school login pages after claiming another Instructure hack
The cybercrime group ShinyHunters claimed to have hacked Instructure again, defacing the login pages of several Instructure customer schools with an extortion message. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/07/hackers-deface-school-login-pages-after-claiming-another-instructure-hack/
-
Hackers hack victims hacked by other hackers
An unknown group of hackers is breaking into systems previously breached by the cybercrime group TeamPCP. Once inside, the hackers immediately kick out TeamPCP and remove its hacking tools from the victims’ systems. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/07/hackers-hack-victims-hacked-by-other-hackers/
-
Frank Kölmel ist neuer Chief-Revenue-Officer für das B2B-Geschäft von Bitdefender
Bitdefender hat Frank Kölmel als Chief Revenue Officer (CRO) der Bitdefender Business Solution Group (BSG) vorgestellt. Kölmel blickt auf mehr als drei Jahrzehnte Erfahrung in der Cybersicherheitsindustrie zurück. In verschiedenen Stationen leitete er die Wachstumsstrategien führender internationaler Cybersicherheits- und Software-Anbieter. In seiner neuen Rolle ist Kölmel für Business-Development, Umsatzsteigerung und die Go-to-Market-Initiativen des gesamten BSG-Bereichs…
-
Polish intelligence warns hackers attacked water treatment control systems
The agency did not publicly attribute the incidents to a specific group or country but said Poland faced intensified hostile cyber activity in 2024 and 2025, “with particular emphasis on the special services of the Russian Federation.” First seen on therecord.media Jump to article: therecord.media/polish-intelligence-warns-hackers-attacked-water-treatment
-
One House Democrat is pressing Commerce on the government’s spyware use
Rep. Summer Lee’s letter, first reported by CyberScoop, follows ICE confirmation of using spyware and news of a Trump ally becoming NSO Group’s executive chairman. First seen on cyberscoop.com Jump to article: cyberscoop.com/democrat-summer-lee-letter-briefing-nso-group-spyware-trump/
-
UAT-8302 Targets Government Agencies With Custom Malware and Open-Source Tools
A new China-linked hacking group, tracked as UAT-8302, that is using custom malware and open-source tools to spy on government organizations in South America and southeastern Europe. The campaign focuses on long-term access and data theft, combining advanced backdoors like NetDraft and CloudSorcerer with aggressive network reconnaissance and credential theft. Researchers assess with high confidence…
-
The Winter Games effect: When gold meets DDoS
Tags: attack, botnet, cctv, ddos, defense, detection, dns, government, group, infrastructure, international, Internet, iot, jobs, lockbit, network, penetration-testing, ransomware, router, service, strategy, threat, windowsAttack volumes 610x historical levels during the Winter Games period (February 623, 2026)Peak attack count reached more than 2,200 attacks on February 23NoName057(16) dominated public DDoS hacktivist claims with 47, although ransomware groups (Qilin, LockBit 5.0) also claimed success in various attacksTactical shift from pre-Winter Games high-bandwidth attacks (412.89Gbps peak) to Winter Games-period high-throughput attacksGeographic…
-
UK Finance Sector Puts Cyber Defences to the Test in National Hackathon
Over the course of two days (April 27-28), banks, fintech companies, technology providers, and regulators from across the UK financial ecosystem came together for a cybersecurity competition designed to test real-world readiness, decision-making under pressure, and the ability to defend critical financial infrastructure against sophisticated attacks. Hosted by Lloyds Banking Group, Hack The Box, and…
-
Ransomware Gang Member Linked to Russian Cybercrime Group Sentenced to Prison
A Latvian national operating from Moscow has been sentenced to 102 months in federal prison for his role as a key negotiator within a prolific Russian ransomware network. Deniss Zolotarjovs, 35, participated in a cybercrime syndicate that orchestrated data theft and extortion campaigns against over 54 organizations worldwide between June 2021 and August 2023. The…
-
Vimeo Confirms Breach Exposing 119,000 Unique User Email Addresses
Video hosting platform Vimeo has confirmed a data breach that exposed approximately 119,000 unique user email addresses, attributing the incident to a security compromise at Anodot, a third-party analytics vendor integrated with its systems. The breach came to light after the ShinyHunters extortion group listed Vimeo on its >>pay or leak<< portal in April 2026,…
-
Ransomware Gangs Escalate Attacks on Aviation and Aerospace Sector
Ransomware and data extortion groups are increasingly targeting the aviation and aerospace sector, exploiting interconnected systems, shared platforms, and identity-based access models to cause operational disruption and data compromise. Cyber risk across aviation has shifted beyond traditional IT incidents toward ransomware attacks, credential theft, and platform-level compromise. The aviation ecosystem relies heavily on shared IT…
-
Physical Cargo Theft Gets a Boost From Cybercriminals
Cargo theft is no longer about small groups of criminals operating on the ground, but transnational cybercriminal syndicates using access to supply chain systems to reroute goods. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/physical-cargo-theft-cybercriminals
-
China-Linked UAT-8302 Targets Governments Using Shared APT Malware Across Regions
A sophisticated China-nexus advanced persistent threat (APT) group has been attributed to attacks targeting government entities in South America since at least late 2024 and government agencies in southeastern Europe in 2025.The activity is being tracked by Cisco Talos under the moniker UAT-8302, with post-exploitation involving the deployment of custom-made malware families that have been…
-
ScarCruft Targets Gaming Platform With Windows, Android Backdoors
A sophisticated multiplatform supply-chain attack orchestrated by the North Korea-aligned APT group ScarCruft, targeting ethnic Koreans in China’s Yanbian region through a compromised gaming platform. The attack, believed to have been ongoing since late 2024, weaponized both Windows and Android components of sqgame[.]net, a video game platform that hosts traditional Yanbian-themed card and board games.…
-
Silver Fox Uses Fake Tax Notices to Drop ValleyRAT and ABCDoor Backdoor
Silver Fox is running a tax”‘themed phishing campaign that abuses fake notices from Indian and Russian tax authorities to drop ValleyRAT and a new Python backdoor dubbed ABCDoor, using a customized RustSL loader to evade detection and enforce strict geofencing controls. The campaign shows how the group is steadily evolving from commodity RAT delivery to…
-
Education Sector Hit by Espionage, Phishing, and Supply Chain Attacks
Educational institutions are now facing a coordinated mix of state espionage, spear”‘phishing, and supply chain intrusions, even as classic ransomware and vulnerability volumes show signs of easing. Every attributed campaign was linked to state actors, with no financially motivated groups observed. China-aligned clusters led by MISSION2074 dominate, with additional activity from Stone Panda, Hafnium, Lotus…
-
UAT-8302 and its box full of malware
Cisco Talos is disclosing UAT-8302, a sophisticated, China-nexus advanced persistent threat (APT) group targeting government entities in South America since at least late 2024 and government agencies in southeastern Europe in 2025. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/uat-8302/
-
UAT-8302 and its box full of malware
Cisco Talos is disclosing UAT-8302, a sophisticated, China-nexus advanced persistent threat (APT) group targeting government entities in South America since at least late 2024 and government agencies in southeastern Europe in 2025. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/uat-8302/
-
North Koreans Spy on Defectors Via Android Game Apps
Website Popular in Korean Ethnic Enclave in China Hosts Apps Laced With a Backdoor. A North Korean hacking group has been spying on a Korean ethnic enclave in China by infiltrating the Android apps of a regional gaming platform that hosts digital card and board games. Researchers attributed the supply-chain attack to a threat actor…
-
ScarCruft Hacks Gaming Platform to Deploy BirdCall Malware on Android and Windows
The North Korea-aligned state-sponsored hacking group known as ScarCruft has compromised a video game platform in a supply chain espionage attack, trojanizing its components with a backdoor called BirdCallto likely target ethnic Koreans residing in China.While prior versions of the backdoor have primarily targeted Windows users only, the supply chain attack is assessed to have…
-
ScarCruft hackers push BirdCall Android malware via game platform
The North Korean hacker group APT37 has been delivering an Android version of a backdoor called BirdCall in a supply-chain attack through a video game platform. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/scarcruft-hackers-push-birdcall-android-malware-via-game-platform/
-
New Attribution Framework Links APT Campaigns Across Key Layers
A new attribution framework is reshaping how cybersecurity analysts connect advanced persistent threat (APT) activity, moving beyond static group labels toward a dynamic, multi-layered model that reflects how modern adversaries actually operate. These profiles are built from observed tactics, techniques, procedures (TTPs), malware, and infrastructure. But this approach is increasingly strained. Threat actors evolve constantly…
-
Anthropic Mythos spurs White House to weigh pre-release reviews for high-risk AI models
Tags: access, ai, cybersecurity, exploit, framework, government, group, infrastructure, malicious, openai, risk, software, technology, update, vulnerabilityThe Mythos factor: The discussion follows Anthropic’s recent introduction of Mythos, a model the company has described as representing a watershed moment for cybersecurity.Anthropic has said Mythos Preview has found thousands of high-severity vulnerabilities, including some in every major operating system and web browser, and that AI models have reached a level of coding capability…
-
Everest Group Begins Leaking Alleged Liberty Mutual Data
Cybercrime Gang Claims to Have 108-Gbyte Trove of Insurer’s Files, Folders. Ransomware gang Everest Group claims to have stolen more than 108 gigabytes of data- including policyholder details – belonging to insurer Liberty Mutual. The cybercrime group began leaking the company’s alleged data on Monday afternoon, saying the insurer failed to respond to the gang’s…
-
Silver Fox Springs Tax-Themed Attacks on Orgs in India, Russia
More than 1,600 socially engineered messages from the China-backed advanced persistent threat (APT) group target various sectors to deliver the previously undocumented ABCDoor backdoor, ValleyRAT, and other malware. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/silver-fox-tax-themed-attacks-india-russia