Tag: group
-
Major tech manufacturer Foxconn confirms cyberattack hit North American factories
The ransomware group Nitrogen claimed responsibility for the attack and said it stole 8 terabytes of data spanning more than 11 million files belonging to the company’s top customers. First seen on cyberscoop.com Jump to article: cyberscoop.com/foxconn-cyberattack-disrupts-north-america-factories/
-
A spyware investigator exposed Russian government hackers trying to hijack Signal accounts
A group of likely Russian government hackers tried to hack a security researcher who investigates spyware attacks. He was then able to turn the tables on the hackers and reveal details of their espionage campaign. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/14/a-spyware-investigator-exposed-russian-government-hackers-trying-to-hijack-signal-accounts/
-
Ghostwriter Targets Ukrainian Government With Geofenced PDF Phishing, Cobalt Strike
The Belarus-aligned threat group known as Ghostwriter has been attributed to a fresh set of attacks targeting governmental organizations in Ukraine. Active since at least 2016, Ghostwriter has been linked to both cyber espionage and influence operations targeting neighboring countries, particularly Ukraine. It’s also tracked under the monikers FrostyNeighbor, PUSHCHA, Storm-0257, TA445, UAC-0057 First seen on…
-
Sandworm Hackers Shift From IT Breaches to Critical OT Targets
A new wave of cyber activity linked to the notorious Sandworm group is raising fresh alarms across global critical infrastructure. Security researchers warn that the Russian state-backed threat actor is no longer just infiltrating IT networks; it is actively pivoting into operational technology (OT) environments where real-world disruption becomes possible. The findings are based on…
-
Definition: NIS Cooperation Group – What is the NIS Cooperation Group?
First seen on security-insider.de Jump to article: www.security-insider.de/was-ist-nis-cooperation-group-rolle-nis-2-richtlinie-a-1631cc3fa786c4068c25b3ab4aadb283/
-
FamousSparrow Targeted Oil and Gas Industry via MS Exchange Server Exploit
Bitdefender Labs reveals how the China-linked FamousSparrow hacking group targeted an Azerbaijani energy firm using ProxyNotShell, Deed RAT,… First seen on hackread.com Jump to article: hackread.com/famoussparrow-oil-gas-ms-exchange-server-exploit/
-
Foxconn Confirms Cyberattack as Nitrogen Ransomware Claims 8TB Data Theft
Foxconn, one of the world’s largest electronics manufacturers and a major supplier to Apple, has confirmed that a recent Foxconn cyberattack disrupted operations at several of its North American facilities. According to online reports, a ransomware group known as Nitrogen claimed responsibility for the incident and alleged that it stole massive amounts of company data.…
-
Nitrogen Ransomware claims massive data theft from Foxconn
Foxconn confirmed a cyberattack on some North American factories. The Nitrogen ransomware group claims it stole 8TB of data from the firm. Foxconn confirmed that several of its North American factories were affected by a cyberattack. The manufacturer confirmed it was targeted by threat actors after the Nitrogen ransomware group listed it on its Tor…
-
AI-Built Zero-Day Nearly Powered Mass Attack
Google Says Criminals Used AI to Discover and Code Exploit. A cybercriminal group came close to launching a mass attack earlier this year, armed with a software exploit that an AI model had built from scratch, said Google researchers. Google said it worked with the affected vendor to patch the flaw before an attack could…
-
Škoda warns of customer data breach after online shop hack
Škoda Auto, a wholly owned subsidiary of the Volkswagen Group, has disclosed a data breach after attackers hacked its online shop and stole the personal information of an undisclosed number of customers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/skoda-warns-of-customer-data-breach-after-online-shop-hack/
-
European countries are exporting surveillance tech to countries with poor human rights records, report says
The report, released by the advocacy group Human Rights Watch on Tuesday, alleges that the European Commission has failed to effectively police member states’ surveillance tech sales despite the 2021 implementation of updated bloc-wide export rules designed to rein in the practice. First seen on therecord.media Jump to article: therecord.media/eu-countries-export-surveillance-tech-to-countries-with-human-rights-issues
-
Instructure claims hackers returned stolen Canvas data after an extortion standoff
ShinyHunters, a prolific cybercrime group, threatened to leak data from more than 8,800 school systems. First seen on cyberscoop.com Jump to article: cyberscoop.com/canvas-instructure-data-theft-extortion-the-com/
-
Instructure took a risky approach to recover stolen Canvas data
Instructure, the company behind the online learning platform Canvas, said it reached an agreement with the extortion group ShinyHunters to prevent data stolen in a recent … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/12/instructure-canvas-data-breach-shinyhunters-agreement/
-
Developer workstations are the new beachhead
The economics that drive the convergence: A typical developer workstation holds SSH keys, cloud provider credentials, container registry tokens, Git authentication tokens and CI/CD pipeline secrets. Many developers have administrative access to internal package registries and deployment infrastructure. Their machines often sit outside the hardened perimeter that security teams build around production systems. From an attacker’s…
-
Instructure reaches ‘agreement’ with ShinyHunters to stop data leak
Instructure, the edtech giant behind the widely popular Canvas learning management system (LMS), has reached an “agreement” with the ShinyHunters extortion group to prevent the data stolen in a recent breach from being leaked online. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/instructure-reaches-agreement-with-shinyhunters-to-stop-data-leak/
-
Google Warns Hackers Are Using AI to Build Working Zero-Day Exploits
Artificial intelligence has officially transitioned from an experimental hacking novelty into an industrial-scale weapon for cybercriminals. According to Google Threat Intelligence Group (GTIG), adversaries are now actively using generative AI models to discover vulnerabilities and engineer functional zero-day exploits. This marks a significant escalation in the cyber threat landscape, shifting AI’s role from a simple research assistant…
-
Linux kernel maintainers suggest a ‘kill switch’ to protect systems until a zero-day vulnerability is patched
…), a logic bug which lets users easily obtain root access, and Dirty Frag, which abuses weaknesses in how the Linux kernel handles fragmented memory pages. The Dirty Frag attack combines two separate vulnerabilities affecting the Linux IPsec Encapsulating Security Payload (ESP) subsystem (CVE-2026-43284) and the RxRPC networking protocol (CVE-2026-43500). The proposal has set off a furious…
-
Tables Turned: Gentlemen Ransomware Group Suffers Data Leak
Internal Communications Dumped Online, Revealing Fresh Victims, Repeat Tactics. Ransomware group The Gentlemen, a relative newcomer to the cybercrime scene, suffered a leak of its internal communications, revealing previously non-public victims, a variety of tactics, techniques and tools, and a relentless focus on popping backup and storage infrastructure. First seen on govinfosecurity.com Jump to article:…
-
AI used to develop working zero-day exploit, researchers warn
A report by GTIG shows threat groups are increasingly leveraging AI to scale attacks. The exploitation attempt was disclosed and patched, preventing a mass incident. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/ai-working-zero-day-exploit-GTIG/819848/
-
UK water company allowed hackers to lurk undetected for nearly two years, regulator finds
The Information Commissioner’s Office (ICO) fined South Staffordshire Water £963,900 ($1.3 million) on Monday over an attack by the Cl0p ransomware group that led to the personal data of 633,887 customers and employees being published in August 2022. First seen on therecord.media Jump to article: therecord.media/uk-water-company-had-hackers-lurking-for-years
-
Google spotted an AI-developed zero-day before attackers could use it
Researchers found artifacts in the code that proved AI was heavily involved. A prominent cybercrime group planned to exploit the zero-day en masse for financial gain. First seen on cyberscoop.com Jump to article: cyberscoop.com/google-threat-intelligence-group-ai-developed-zero-day-exploit/
-
<> from Google shows how attackers misuse AI
The Google Threat Intelligence Group (GTIG) has published its new report “AI Threat Tracker”. It describes in detail the current methods of attackers and shows that they are no longer merely experimenting with artificial intelligence (AI) but are deploying the technology at scale. The first zero-day vulnerability developed by an AI: Google has a zero-day exploit (a bypass […]…
-
Hackers used AI to develop zero-day exploit for web admin tool
Researchers at Google Threat Intelligence Group (GTIG) say that a zero-day exploit targeting a popular open-source web administration tool was likely generated using AI. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/google-hackers-used-ai-to-develop-zero-day-exploit-for-web-admin-tool/
-
Cyber Espionage Group Targets Aviation Firms to Steal Map Data
The campaign quietly compromises aerospace and drone operators to exfiltrate GIS files, terrain models, and GPS data and gain a clear picture of adversaries’ world view. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/cyber-espionage-group-aviation-firms-steal-map-data
-
Hackers Observed Using AI to Develop Zero-Day for the First Time
Google Threat Intelligence Group details how cybercriminals attempted to launch a campaign based around an AI-developed zero-day targeting open-source software. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/hackers-using-ai-zero-day-first/
-
AI-powered hacking has exploded into industrial-scale threat, Google says
Criminal groups and state-linked actors appear to be using commercial models to refine and scale up attacks. In just three months, AI-powered hacking has gone from a nascent problem to an industrial-scale threat, according to a report from Google. The findings from Google’s threat intelligence group add to an intensifying, global discussion about…
-
13 new critical holes in JavaScript sandbox allow execution of arbitrary code
VM.run() can obtain host process object and runs host commands with zero co-operation from the host. However, researchers at Socket told us in an email that the advisory about this escape says it has been confirmed only on Node.js 25.6.1, and requires a Node.js version with WebAssembly exception handling and JSTag support. The highest-risk scenario, they said, would be an…
-
LinkedIn illegally blocking free accounts from seeing ‘who’s viewed your profile’ data, group alleges
Right to view: LinkedIn will doubtless point out to the Austrian Data Protection Authority that all users, including free subscribers, can opt out of having their profile visit made visible by toggling off the feature in Settings/Visibility tab/’Visibility when viewing other profiles’. Then each visit a user makes to another profile is recorded as one…
-
Hackers deface school login pages after claiming another Instructure hack
The cybercrime group ShinyHunters claimed to have hacked Instructure again, defacing the login pages of several Instructure customer schools with an extortion message. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/07/hackers-deface-school-login-pages-after-claiming-another-instructure-hack/

