Tag: group
-
Latest BreachForums Reboot Tied to Fake ShinyHunters Admin
After Hacker Site Gets Resurrected, Cybercrime Group Denies All Involvement. Drama continues fast and furious in BreachForums land, as someone claiming to be part of the ShinyHunters crime group said they’ve rebooted the long-running and oft-disrupted forum yet again. But an official ShinyHunters channel denied the group having involvement in any such reboots. First seen…
-
Security Affairs newsletter Round 571 by Pierluigi Paganini INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Qilin ransomware group claims the hack of German political party Die Linke U.S. CISA adds a…
-
Week in review: Axios npm supply chain compromise, critical FortiClient EMS bugs exploited
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Financial groups lay out a plan to fight AI identity attacks Generative AI … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/05/week-in-review-axios-npm-supply-chain-compromise-critical-forticlient-ems-bug-exploited/
-
Qilin ransomware group claims the hack of German political party Die Linke
Qilin ransomware claims it stole data from Germany’s Die Linke and threatens to leak it; the party confirmed the incident, but not a breach. The Qilin ransomware group claims it stole data from Die Linke, a German political party, and is threatening to release it. Die Linke is a left-wing political party in Germany. Its…
-
UNC1069 Targets Node.js Maintainers via Fake LinkedIn, Slack Profiles
North Korean group UNC1069 targets Node.js maintainers using fake LinkedIn and Slack profiles to spread malware and compromise open source packages. First seen on hackread.com Jump to article: hackread.com/unc1069-node-js-maintainer-fake-linkedin-slack-profile/
-
European Commission breach exposed data of 30 EU entities, CERT-EU says
CERT-EU says a European Commission cloud hack exposed data from 30 EU entities and links the breach to the TeamPCP group. CERT-EU attributed a European Commission cloud breach to the TeamPCP threat group, revealing that data from at least 30 EU entities was exposed. The incident was publicly disclosed on March 27 after inquiries confirmed…
-
Supply Chain Attacks Surge in March 2026
Tags: access, ai, api, attack, authentication, awareness, cloud, container, control, corporate, credentials, crypto, data-breach, github, group, hacking, identity, infrastructure, Internet, kubernetes, least-privilege, linux, LLM, macOS, malicious, malware, mfa, network, north-korea, open-source, openai, phishing, pypi, software, startup, supply-chain, threat, tool, update, vulnerability, windows
Introduction: There was a significant increase in software supply chain attacks in March 2026. Five major software supply-chain attacks occurred, including the Axios NPM package compromise, which has been attributed to a North Korean threat actor. In addition, a hacking group known as TeamPCP was able to compromise Trivy (a vulnerability scanner), KICS…
-
Cisco fixes critical IMC auth bypass present in many products
Tags: access, ai, api, apt, attack, authentication, cisco, computing, credentials, cybersecurity, dns, email, exploit, firewall, firmware, flaw, group, infrastructure, linux, malicious, monitoring, network, password, ransomware, risk, router, vulnerability, zero-day
The Cisco IMC is a baseboard management controller (BMC), a dedicated controller embedded into server motherboards with its own RAM and network interface that gives administrators monitoring and management capabilities as if they were physically connected to the server with a keyboard, monitor, and mouse (KVM). Because BMCs run…
-
ShinyHunters Claims Rebooted BreachForums Now More Secure
Group Resurrects Hacker Site Despite Multiple Law Enforcement Disruptions. Drama continues to come fast and furious in BreachForums land, as the ShinyHunters group announced that it’s rebooted the long-running and oft-disrupted forum yet again, just weeks after it got hacked and its databases dumped, leading the previous admin to allegedly exit scam and steal $4,000.…
-
RSAC 2026: Rethinking Trust in Agentic AI Security
Ahead of RSAC 2026, I spoke with David Brauchler, Technical Director and Head of AI/ML Security at NCC Group about how you can secure AI agents. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/artificial-intelligence/rsac-2026-rethinking-trust-in-agentic-ai-security/
-
Stryker Tells Customers Manufacturing Systems Restored
Device Maker Is Still Investigating March 11 Attack Claimed by Iranian Hacktivists. Medical tech maker Stryker said it has restored its systems and is operational across its global manufacturing network three weeks after a wiper attack by Iranian hacktivist group Handala led to a worldwide outage at the company. The firm is continuing to investigate…
-
EU cyber agency attributes major data breach to TeamPCP hacking group
The European Union’s cybersecurity agency said the hacking group TeamPCP was behind a massive recent data breach at the European Commission. First seen on therecord.media Jump to article: therecord.media/european-commission-cyberattack-teampcp
-
CERT-EU blames Trivy supply chain attack for Europa.eu data breach
Tags: access, ai, attack, breach, cisco, data, data-breach, extortion, group, network, ransom, ransomware, saas, supply-chain
Extortion boost: The origins and deeper motives of TeamPCP, which emerged in late 2025, remain unclear. The leaking of stolen data suggests it might be styling itself as a sort of initial access broker which sells data and network access on to the highest bidder. However, the fact that stolen data was handed to a major…
-
Do not get high(jacked) off your own supply (chain)
In the span of just a few weeks, we have observed a dizzying array of major supply chain attacks. Prominent examples include the malicious modification of Axios, a popular HTTP client library for JavaScript, as well as cascading compromises from TeamPCP, a “chaos-as-a-service” group that injected malicious code First seen on blog.talosintelligence.com Jump to article:…
-
Die Linke German political party confirms data stolen by Qilin ransomware
The Qilin ransomware group has claimed responsibility for an attack against Die Linke (‘The Left’), forcing an IT systems outage at the political party, and threatening sensitive data leak. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/die-linke-german-political-party-confirms-data-stolen-by-qilin-ransomware/
-
Europe’s cyber agency blames hacking gangs for massive data breach and leak
CERT-EU blamed the cybercrime group TeamPCP for the recent hack on the European Commission, and said the notorious ShinyHunters gang was responsible for leaking the stolen data online. First seen on techcrunch.com Jump to article: techcrunch.com/2026/04/03/europes-cyber-agency-blames-hacking-gangs-for-massive-data-breach-and-leak/
-
Pro-Iran Handala group breached Israeli defence contractor PSK Wind Technologies
Iran-linked hackers claim to have breached Israeli air defence contractor PSK Wind, which develops command and control systems. Pro-Iran Handala group announced on April 2 that it breached PSK Wind Technologies, an Israeli engineering and IT firm specializing in integrated systems for defense and critical communications, including command and control solutions. Handala appears as a…
-
CERT-EU: European Commission hack exposes data of 30 EU entities
The European Union’s Cybersecurity Service (CERT-EU) has attributed the European Commission cloud hack to the TeamPCP threat group, saying the resulting breach exposed the data of at least 29 other Union entities. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cert-eu-european-commission-hack-exposes-data-of-30-eu-entities/
-
Qilin Ransomware Deploys Malicious DLL to Disable Most EDR Defenses
The Qilin ransomware group has developed a highly sophisticated infection chain that targets and disables over 300 endpoint detection and response (EDR) solutions. As defenders improve behavioral detection capabilities, attackers are increasingly targeting the defense layer itself during the early stages of a breach. By deploying a malicious “msimg32.dll” file, attackers can bypass traditional antivirus…
-
Cloudflare’s new CMS is not a WordPress killer, it’s a WordPress alternative
The next wave of web development: In an interview with Computerworld, Cloudflare senior product manager Matt Taylor said his team sees the project as the next wave of web development platforms. “There is a whole new generation of developers, and WordPress is old news to them. If you are starting today, there is no way you…
-
State AG Sues Change Healthcare in 2024 Ransomware Attack
Iowa Seeking Civil Monetary Fines, Damages for Alleged Violations. Iowa’s state attorney general is seeking financial damages, civil penalties and improvements to UnitedHealth Group’s data security practices for alleged violations of state and federal laws and other claims involving the 2024 ransomware attack on its Change Healthcare unit. First seen on govinfosecurity.com Jump to article:…
-
Emulating the Concealed Sinobi Ransomware
AttackIQ has released a new attack graph that emulates the behaviors of Sinobi ransomware, a ransomware strain that has been active since mid 2025. Sinobi is suspected to be a rebrand of Lynx, a Ransomware-as-a-Service (RaaS) group that first emerged in 2024. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/emulating-the-concealed-sinobi-ransomware/
-
Akira ransomware group can achieve initial access to data encryption in less than an hour
A new report from Halcyon finds that the group also puts more effort than usual into developing working decryptors, likely to incentivize businesses to pay up. First seen on cyberscoop.com Jump to article: cyberscoop.com/akira-ransomware-initial-access-to-encryption-in-hours/
-
Medtech giant Stryker says it’s back up after Iranian cyberattack
The Handala group claimed responsibility for hitting the company with a wiper attack last month. First seen on cyberscoop.com Jump to article: cyberscoop.com/medtech-giant-stryker-says-its-back-up-after-iranian-cyberattack/
-
Possible US Government iPhone Hacking Tool Leaked
Tags: data-breach, defense, exploit, google, government, group, hacking, iphone, malware, tool, vulnerability
Wired writes (alternate source): Security researchers at Google on Tuesday released a report describing what they’re calling “Coruna,” a highly sophisticated iPhone hacking toolkit that includes five complete hacking techniques capable of bypassing all the defenses of an iPhone to silently install malware on a device when it visits a website containing the exploitation code.…
-
Iranian Hacker Group Handala Claims Breach of Israeli Defense Firm
Tags: breach, cyber, cybersecurity, data, data-breach, defense, group, hacker, international, iran, military, threat
The international cybersecurity community was alerted to a major data breach involving Israeli military infrastructure. Handala, a recognized Iranian nation-state threat actor, claims to have successfully breached PSK Wind Technologies, a key Israeli defense contractor. The incident has resulted in the public release of highly classified military data, representing a significant compromise of sensitive operational…
-
Cambodia extradites alleged cyber scam linchpin to China as crackdown intensifies
Li Xiong was the head of Huione Group, whose branded entities at one time included an online banking arm, cryptocurrency exchange and online marketplace which has been referred to as an “Amazon for criminals.” First seen on therecord.media Jump to article: therecord.media/cambodia-extradites-alleged-cyber-scam-linchpin-to-china

