Tag: hacker
-
The Hackers Behind Shai-Hulud: Lucky or Skilled?
TeamPCP, the hackers behind the Shai-Hulud worm, has done significant damage to the open source ecosystem. But it’s not necessarily due to skill alone. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/shai-hulud-hackers-teampcp-lucky-skilled
-
Iranian government, not hacktivist group, breached LA Metro system, security firm says
A report by Israel-based Gambit Security dismisses the hackers’ claims of being patriotic but unaffiliated activists. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/iranian-government-not-hacktivist-group-breached-la-metro-system-securit/821112/
-
Ghost hackers: the cybersecurity mystery that nobody has solved
A shadowy group that stole and dumped the NSA’s most powerful hacking tools still has implications for how companies think about digital risk today. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/26/ghost-hackers-the-cybersecurity-mystery-that-nobody-has-solved/
-
Ghost hackers: the cybersecurity mystery that nobody has solved
A shadowy group that stole and dumped the NSA’s most powerful hacking tools still has implications for how companies think about digital risk today. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/26/ghost-hackers-the-cybersecurity-mystery-that-nobody-has-solved/
-
Ghost hackers: the cybersecurity mystery that nobody has solved
A shadowy group that stole and dumped the NSA’s most powerful hacking tools still has implications for how companies think about digital risk today. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/26/ghost-hackers-the-cybersecurity-mystery-that-nobody-has-solved/
-
FBI warns about PhaaS platform used to access Microsoft 365 environments
Device code phishing enabled hackers to bypass multifactor authentication without credentials. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/fbi-warns-phishing-platform-microsoft-365/821105/
-
Iranian hackers blamed for breach of Los Angeles transit system that took weeks to recover
An Israeli cybersecurity firm said Iran’s government is behind Ababil of Minab, a fake hacktivist persona that has claimed a series of data breaches after the start of the war in Iran. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/26/iranian-hackers-blamed-for-breach-of-los-angeles-transit-system-that-took-weeks-to-recover/
-
[THN Webinar] New AI DDoS Attacks Are Smarter. Learn How to Fight Back
Every single day, hackers are finding new ways to crash websites and steal data.But right now, something has changed. Hackers are no longer working alone. They are now using powerful Artificial Intelligence (AI) tools to make their attacks faster, stronger, and much harder to stop.According to recent updates from The Hacker News, bad actors are…
-
Malware Found in Laravel-Lang Composer Packages After Git Tag Poisoning Attack
Attackers have poisoned four Laravel-Lang Composer packages by rewriting hundreds of Git tags, putting many Laravel apps at risk. Hackers compromised four popular Laravel-Lang Composer packages and injected malware by rewriting more than 700 Git tags tied to historical versions. Laravel-Lang is a community-driven project that provides translation and localization files for Laravel applications. The…
-
New AI DDoS Attacks Are Smarter. Learn How to Fight Back in This Webinar
Every single day, hackers are finding new ways to crash websites and steal data.But right now, something has changed. Hackers are no longer working alone. They are now using powerful Artificial Intelligence (AI) tools to make their attacks faster, stronger, and much harder to stop.According to recent updates from The Hacker News, bad actors are…
-
Textbasierte QR-Codes: Neue Phishing-Masche hebelt Sicherheitsfilter aus
Neue Phishing-Masche: Hacker nutzen QR-Codes aus Textzeichen, um E-Mail-Sicherheitsfilter zu umgehen. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/neue-phishing-masche-qr-codes
-
China-Linked Hackers Hit SEA Edge Routers With Custom Linux Implant
China-linked hackers are conducting a stealthy infrastructure-centric espionage campaign across Southeast Asia by compromising Linux-based edge routers with a custom ELF implant and pairing it with a cracked Cobalt Strike Beacon on Windows systems for unified command-and-control over entire networks. The operation enables full visibility into, and manipulation of, downstream traffic while largely bypassing traditional…
-
Ghost CMS Vulnerability Exploited to Infect 700 Sites With ClickFix Malware
Hackers are actively exploiting a critical SQL injection vulnerability in Ghost CMS (CVE-2026-26980) to compromise websites and distribute ClickFix malware through large-scale page-poisoning attacks. The vulnerability allows attackers to extract sensitive database contents without authentication, including the Ghost Admin API Key. Unlike the read-only Content API Key, this administrative key grants full control over posts…
-
Iranian Hackers Deploy MiniFast and MiniJunk V2 via Phishing and SEO Poisoning
The Iranian state-sponsored threat actor known as Nimbus Manticore (aka Screening Serpens and UNC1549) has been attributed to a fresh campaign using lures impersonating organizations in the aviation and software sectors across the U.S., Europe, and the Middle East following the joint U.S.-Israeli military campaign against the country in late February 2026.The activity, besides embracing…
-
Iran-Linked Hackers Target US Aviation with Phishing and SEO Poisoning Campaign
Iran’s Nimbus Manticore pushes AI-built MiniFast backdoor via phishing and SEO poisoning First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/iranian-hackers-us-aviation/
-
Iran-Linked Hackers Target US Aviation with Phishing and SEO Poisoning Campaign
Iran’s Nimbus Manticore pushes AI-built MiniFast backdoor via phishing and SEO poisoning First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/iranian-hackers-us-aviation/
-
Hackers Use SEO Poisoning to Fake Gemini CLI and Claude Code Installers
Hackers are increasingly abusing search engine optimization (SEO) techniques to distribute malware by impersonating popular AI developer tools, including Gemini CLI and Claude Code. The activity, first observed in early March 2026, shows attackers creating malicious domains that rank above legitimate sources in search engine results. Developers searching for official installation guides are redirected to…
-
Hackers Abuse KnowledgeDeliver LMS Flaw to Install BLUEBEAM Web Shell
Tags: cve, cyber, exploit, flaw, google, hacker, intelligence, mandiant, remote-code-execution, threat, vulnerabilityHackers are actively exploiting a critical vulnerability in the KnowledgeDeliver Learning Management System (LMS) to deploy the BLUEBEAM web shell, according to findings from Mandiant’s Google Threat Intelligence Group. The flaw, tracked as CVE-2026-5426, enables unauthenticated remote code execution through ASP.NET ViewState deserialization and has been observed in real-world attacks. KnowledgeDeliver LMS Flaw The vulnerability…
-
Hacker Lists 340M OnlyFans User Records for Sale
A hacker is selling a 340M OnlyFans database, but the seller says old leaks and public data were used to link creators and subscribers to real identities. The post Hacker Lists 340M OnlyFans User Records for Sale appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-onlyfans-340m-database-sale/
-
Mega-Leak bei Onlyfans 340 Millionen Datensätze könnten Anonymität von Creatorn und Nutzern gefährden
Ein neuer angeblicher Mega-Datenleak rund um die Plattform <> sorgt derzeit in der Cybersecurity-Szene für Aufsehen. Laut einem Bericht von Cybernews behaupten Hacker, rund 340 Millionen Datensätze von Onlyfans-Nutzern und Creatorn zu verkaufen darunter E-Mail-Adressen, Nutzernamen, Aktivitätsdaten und angeblich auch Verknüpfungen zu sozialen Profilen. Sollten sich die Angaben bestätigen, wäre das nicht nur ein […]…
-
340 Million OnlyFans Profiles Allegedly Rebuilt from Leaks
A hacker is selling a 340M-strong OnlyFans-linked dataset built by correlating old breaches and public data, not by hacking OnlyFans directly. A threat actor is adverertising a purported database containing data of 340 million OnlyFans users, but the available evidence points to something less dramatic than a direct breach. According to HackRead, which reported the…
-
340 Million OnlyFans Profiles Allegedly Rebuilt from Leaks
A hacker is selling a 340M-strong OnlyFans-linked dataset built by correlating old breaches and public data, not by hacking OnlyFans directly. A threat actor is adverertising a purported database containing data of 340 million OnlyFans users, but the available evidence points to something less dramatic than a direct breach. According to HackRead, which reported the…
-
FBI Chief Kash Patel’s Clothing Store Hacked in ClickFix Infostealer Attack
Hackers compromised FBI Chief Kash Patel’s clothing store in a ClickFix attack that tricked macOS users into installing infostealer malware. First seen on hackread.com Jump to article: hackread.com/fbi-chief-kash-patel-store-hacked-infostealer-clickfix/
-
Hackers Actively Scan SonicWall Firewall Interfaces as 597,000 Sessions Observed
A sharp surge in internet scanning activity targeting SonicWall firewall management interfaces has raised concerns among cybersecurity researchers, with GreyNoise reporting nearly 597,000 sessions in a single day. The spike, observed on May 12, 2026, marks the highest volume recorded in the past 90 days and is approximately 46 times higher than the typical daily…
-
Hackers Exploit Azure RBAC to Steal Key Vault Secrets
Hackers are increasingly exploiting cloud identity and access management systems, and a methodical, sophisticated, and multi-layered attack, where a threat actor we track as Storm-2949 launched a relentless campaign with a singular focus: to exfiltrate as much sensitive data from a target organization’s high-value assets as possible. The attack, attributed to a threat actor tracked…
-
Hackers Exploit Shared CDNs to Evade Domain Reputation Filters
Hackers are increasingly abusing shared Content Delivery Network (CDN) infrastructure to bypass domain-reputation-based security controls using a newly identified technique called “Underminr.” Underminr is not a conventional software flaw but an inherent weakness in how modern CDNs handle multi-tenant traffic. CDN providers such as Cloudflare, Akamai, AWS CloudFront, and Fastly route traffic for millions of…
-
FBI director Kash Patel’s brand website taken offline after malware reports
FBI director site went offline after a hack used a fake Cloudflare page to trick users into running a ClickFix attack that installed malware. The merchandise website of FBI director Kash Patel (basedapparel[.]com) was taken offline on Friday after reports that it had been compromised by hackers using it to spread malware. The malware was…
-
Hackers Hide Linux Malware in SSH-Like Package Filename
Hackers have been observed disguising a malicious Linux payload under an SSH-like filename during software installation, as part of a coordinated supply chain attack targeting developer ecosystems. The attack hinges on a hidden post-install script embedded inside package.json, rather than the expected composer.json used in PHP environments. This subtle placement allows the malicious code to evade detection during routine dependency…
-
Hackers Compromise 34 npm, PyPI, and Crates Packages in Major Supply Chain Attack
Hackers have launched a large-scale software supply chain attack targeting developers across npm, PyPI, and Crates.io, compromising at least 34 open-source packages and hundreds of associated versions. Security researchers at Socket are tracking the campaign as “TrapDoor,” a crypto-focused credential stealer designed to infiltrate developer environments and exfiltrate sensitive data. Cross-Ecosystem Supply Chain Attack The…