Tag: hacker
-
Iranian APT Prince of Persia returns with new malware and C2 infrastructure
A shift to Telegram: More recently, the researchers identified a new Tonnerre variant that’s advertised as v50, as well as an unknown new Foudre version that goes along with it. These versions use a new C2 server structure and, most importantly, can download a file from the server that enables Telegram communication via its API. The…
-
UK Foreign Office Targeted by Hackers
Chinese Hacking Group Reportedly Behind the Hack. A top-ranking U.K. government official said that hackers targeted the government’s foreign relations ministry but dismissed media reports that the attackers stole a large trove of data. “We managed to close the hole, as it were, very quickly,” said Trade Minister Chris Bryant. First seen on govinfosecurity.com Jump…
-
BlueDelta Hackers Target Users of Popular Ukrainian Webmail and News Service
Russian state-sponsored threat group BlueDelta has conducted a sustained credential-harvesting campaign targeting users of UKR.NET, one of Ukraine’s most popular webmail and news services, between June 2024 and April 2025. According to research by Recorded Future’s Insikt Group, the operation represents a significant escalation in the GRU-linked threat actor’s efforts to compromise Ukrainian user credentials…
-
Hackers Leverage Gladinet Triofox 0-Day Vulnerability to Run Malicious Code
Tags: attack, cve, cyber, exploit, flaw, hacker, infrastructure, malicious, remote-code-execution, threat, vulnerability, zero-day
A critical remote code execution vulnerability in Gladinet Triofox is now under active exploitation by threat actors, and security researchers have demonstrated that weaponizing the flaw requires far more sophistication than initial analyses suggest. CVE-2025-12480, tracked by UNC6485, represents a complex attack chain that involves multiple infrastructure challenges and technical hurdles attackers must overcome to…
-
Hundreds of Cisco customers are vulnerable to new Chinese hacking campaign, researchers say
Cisco warned that Chinese government hackers are exploiting a zero-day in some of its products. Researchers now say there are hundreds of vulnerable Cisco customers. First seen on techcrunch.com Jump to article: techcrunch.com/2025/12/19/hundreds-of-cisco-customers-are-vulnerable-to-new-chinese-hacking-campaign-researchers-say/
-
Russia-Linked Hackers Use Microsoft 365 Device Code Phishing for Account Takeovers
Tags: attack, authentication, credentials, email, government, group, hacker, microsoft, phishing, russia
A suspected Russia-aligned group has been attributed to a phishing campaign that employs device code authentication workflows to steal victims’ Microsoft 365 credentials and conduct account takeover attacks. The activity, ongoing since September 2025, is being tracked by Proofpoint under the moniker UNK_AcademicFlare. The attacks involve using compromised email addresses belonging to government First seen on thehackernews.com…
-
State-linked and criminal hackers use device code phishing against M365 users
Russia-linked groups have attacked multiple sectors in recent months. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/state-linked-criminal-hackers-device-code-phishing-m365/808396/
-
Chinese Hackers Target Cisco’s Email Security Systems
The Chinese threat group, tracked as UAT-9686, has deployed a collection of custom-built hacking tools to maintain persistent access to compromised systems. The post Chinese Hackers Target Cisco’s Email Security Systems appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-cisco-email-security-breach/
-
UK politics: ‘Not clear’ who was behind FCDO hack, says minister, amid reports of China link as it happened
Chris Bryant confirms October cyber-attack as the Sun names Storm 1849, a Chinese hacker group, as being responsible. The BBC’s editing guidelines do not need to be altered in the wake of controversy surrounding the edit of a Donald Trump speech, a review has found. The US president is seeking up to $10bn (£7.5bn) in damages…
-
Via German IP addresses: Hackers attack VPN gateways en masse
VPN gateways from Cisco and Palo Alto Networks are under attack. The attacks appear to run primarily through a German hosting provider. First seen on golem.de Jump to article: www.golem.de/news/ueber-deutsche-ip-adressen-hacker-attackieren-massenhaft-vpn-zugaenge-2512-203459.html
-
Microsoft account hijacked: Hackers evolve cyberattacks with captchas, here is how to protect yourself
First seen on t3n.de Jump to article: t3n.de/news/microsoft-konto-gekapert-hacker-cyberangriffe-captchas-weiterentwickelt-1722368/
-
North Korean Hackers Set Record with $2 Billion Crypto Heist in 2025
North Korean cybercriminals shattered previous records in 2025, stealing at least $2.02 billion in cryptocurrency through a sophisticated campaign that represents the most successful year ever for state-sponsored digital theft despite fewer confirmed attacks. This unprecedented haul marks a 51% increase year-over-year. It brings the regime’s cumulative cryptocurrency theft to a staggering $6.75 billion, cementing…
-
‘Not clear’ who was behind FCDO hack, says minister, amid reports of China link UK politics live
Chris Bryant confirms October cyber-attack as the Sun names Storm 1849, a Chinese hacker group, as being responsible. Reform UK have held on to a seat on Cornwall council in a byelection after a turbulent time for the party in the county. The result shows support remains for Nigel Farage’s party in Cornwall despite a flurry…
-
Chinese Hackers Exploited a Zero-Day in Cisco Email Security Systems
Cisco disclosed that a China-linked hacking group exploited a previously unknown vulnerability in its email security products, allowing attackers to compromise systems that sit at the center of enterprise email traffic. The flaw affected Cisco Secure Email Gateway and Secure Email and Web Manager appliances running AsyncOS and was actively exploited before public disclosure. The……
-
Chinese Hackers Targeting Cisco Email Gateways
Cisco Talos Attributes Campaign to UAT-9686. Likely Chinese nation-state hackers are exploiting an unpatched flaw in Cisco email appliances as part of an ongoing campaign to gain persistent access. Hackers have been exploiting since mid-November a zero-day in the Cisco Secure Email Gateway and Cisco Secure Email and Web Manager. First seen on govinfosecurity.com Jump…
-
New China-linked hacker group spies on governments in Southeast Asia, Japan
The group, LongNosedGoblin, has been active since at least September 2023 and was uncovered after researchers detected new malware strains inside the network of a Southeast Asian government last year. First seen on therecord.media Jump to article: therecord.media/china-linked-hacker-group-spied-on-asian-govs
-
University of Sydney suffers data breach exposing student and staff info
Hackers gained access to an online coding repository belonging to the University of Sydney and stole files with personal information of staff and students. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/university-of-sydney-suffers-data-breach-exposing-student-and-staff-info/
-
APT35 Leak Reveals Spreadsheets Containing Domains, Payments, and Server Information
Iranian cyber unit Charming Kitten, officially designated APT35, has long been dismissed as a noisy but relatively unsophisticated threat actor, a politically motivated collective known for recycled phishing templates and credential-harvesting pages. Episode 4, the latest intelligence dump, fundamentally rewrites that assessment. What emerges is not a hacker collective but a government department, complete with…
-
Crypto Theft in 2025 Concentrated in Fewer, Larger Breaches
Chainalysis Data Shows Access-Driven Attacks Reshaping Risk. Hackers stole more than $3.4 billion in crypto this year. Losses were driven by a small number of high-impact breaches. Chainalysis data shows how North Korea actors, centralized platforms and expanding retail adoption reshaped where crypto risk accumulated. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/crypto-theft-in-2025-concentrated-in-fewer-larger-breaches-a-30331
-
The Raspberry Pi wake-up call for CISOs
Tags: access, authentication, ceo, ciso, control, cyberattack, dns, firewall, group, hacker, Hardware, infrastructure, linux, monitoring, office, risk, switch, tool, voip, vpn
Small device, big impact. In mid-December, a ferry owned by the Mediterranean Shipping Company was detained for hours in a French port, as Bloomberg reported. The reason: it was suspected that Russian cybercriminals had tried to hack the ship’s network with a Raspberry Pi. According to the report, this was paired with a cellular modem that … remote access…
-
China-linked hackers exploit insecure setting in Cisco security products
The company urged customers to immediately reconfigure affected products. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisco-china-cyberattacks-asyncos-configuration/808258/
-
Chinese attackers exploiting zero-day to target Cisco email security products
Chinese hackers have been exploiting a vulnerability in a popular Cisco email management tool since late November, the company said in an advisory. First seen on therecord.media Jump to article: therecord.media/chinese-attackers-zero-day
-
Iranian APT ‘Prince of Persia’ Resurfaces With New Tools and Targets
SafeBreach reports the resurgence of the Iranian APT group Prince of Persia (Infy). Discover how these state-sponsored hackers are now using Telegram bots and Thunder and Lightning malware to target victims globally across Europe, India, and Canada. First seen on hackread.com Jump to article: hackread.com/iran-apt-prince-of-persia-resurfaces/
-
Crypto theft in 2025: North Korean hackers continue to dominate
When they strike cryptocurrency-related targets, North Korean hacking groups are increasingly aiming for large services where a single breach can move serious money, a new … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/12/18/crypto-theft-2025-north-korean-domination/
-
Cisco says China-linked hackers exploiting insecure setting in security products
The company urged customers to immediately reconfigure affected products. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisco-china-cyberattacks-asyncos-configuration/808258/
-
Hackers breach internal servers of tech provider for Britain’s health service
In a disclosure to the London Stock Exchange, the U.K. healthcare IT provider DXS said it discovered a data breach on December 14. First seen on therecord.media Jump to article: therecord.media/uk-nhs-tech-provider-dxs-discloses-hack

