Tag: hacker
-
Hackers Abuse Hugging Face to Deliver npm Malware
A newly uncovered supply chain attack targeting the npm ecosystem has been linked to North Korean (DPRK)-aligned threat actors. The campaign centers around a malicious npm package named terminal-logger-utils, which embeds a sophisticated multi-stage malware capable of keylogging, data exfiltration, and remote system control. The package was distributed through three dependent libraries pretty-logger-utils, ts-logger-pack, and pinno-loggers which automatically…
-
Law enforcement shuts down VPN service used by two dozen ransomware gangs
First VPN promised hackers complete anonymity for their cyberattacks. But Europol said it was able to notify the service’s users that they have now been identified. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/21/law-enforcement-shuts-down-vpn-service-used-by-two-dozen-ransomware-gangs/
-
Cryptohack Roundup: US Extradition of Accused in $340M Scam
Also: Hackers Stole From Verus Bridge, ThorChain and Echo Protocol. This week, Forsage’s co-founder was extradited to the U.S. over a $340M scam, hackers stole from Verus Bridge, ThorChain and Echo Protocol, ZachXBT alleged insider control behind LAB token surge, an Ohio man was sentenced in a Ponzi scheme case and crypto ATM scams cost…
-
Chinese hackers target telcos with new Linux, Windows malware
A Chinese cyber-espionage campaign has been targeting telecommunications providers with newly discovered Linux and Windows malware dubbed Showboat and JFMBackdoor, respectively. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/chinese-hackers-target-telcos-with-new-linux-windows-malware/
-
Microsoft warnt: Hacker attackieren Windows-Nutzer über Lücken im Defender
Angreifer können über den Microsoft Defender unter anderem Schadcode einschleusen und sich Systemrechte verschaffen. Erste Attacken laufen bereits. First seen on golem.de Jump to article: www.golem.de/news/microsoft-warnt-hacker-attackieren-windows-nutzer-ueber-luecken-im-defender-2605-208918.html
-
Microsoft’s Retired IE Tool MSHTA Now Being Used in Fileless Malware Attacks
Despite Internet Explorer’s retirement, hackers are abusing the legacy MSHTA utility in stealthy fileless malware attacks targeting Windows users. First seen on hackread.com Jump to article: hackread.com/microsoft-retired-ie-tool-mshta-fileless-malware-attack/
-
A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale
GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations. First seen on wired.com Jump to article: www.wired.com/story/teampcp-software-supply-chain-attack-spree-github/
-
GitHub links repo breach to TanStack npm supply-chain attack
GitHub says the hackers who breached 3,800 internal repositories gained access via a malicious version of the Nx Console VS Code extension, compromised in last week’s TanStack npm supply-chain attack. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/github-links-repo-breach-to-tanstack-npm-supply-chain-attack/
-
Kritische Sicherheitslücken – Hacker schmuggeln bösartigen Code in S/4HANA und Commerce Cloud
First seen on security-insider.de Jump to article: www.security-insider.de/kritische-sap-luecken-s4hana-enterprise-search-commerce-cloud-a-20786255ab6f2eaef179986862cf9f13/
-
GitHub Hacked, Internal Repositories Offered for Sale
A Single Developer Downloaded a Poisoned VS Code Extension, and Now Look. GitHub warned late Tuesday that hackers stole roughly 3,800 internal repositories from the Microsoft-owned platform after a developer used a poisoned VS Code script, which is developed by Microsoft. TeamPCP and Lapsus$ appear to be cooperating to sell the stolen data for $95,000.…
-
Hackers bypass SonicWall VPN MFA due to incomplete patching
Threat actors brute-forced VPN credentials and bypassed multi-factor authentication (MFA) on SonicWall Gen6 SSL-VPN appliances to deploy tools used in ransomware attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-bypass-sonicwall-vpn-mfa-due-to-incomplete-patching/
-
Ukraine probes teen suspect in cyber theft scheme targeting California online shoppers
The investigation began after U.S. authorities informed their Ukrainian counterparts that hackers operating from Ukraine could be involved in attacks targeting users of American e-commerce platforms, Ukraine’s Prosecutor General said. First seen on therecord.media Jump to article: therecord.media/ukraine-probes-teen-suspect-cyber-theft-scheme
-
Compromised coding tool helped hackers breach thousands of GitHub repositories
The attack is the latest example of hackers’ intense focus on open-source packages. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/github-hacked-repository-data/820722/
-
GitHub says hackers stole data from thousands of internal repositories
The code hosting giant GitHub said it was investigating a breach, but said there was no evidence of customer data theft. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/20/github-says-hackers-stole-data-from-thousands-of-internal-repositories/
-
Critical ExifTool Vulnerability Lets Hackers Compromise Macs via Malicious Images
A newly disclosed vulnerability in ExifTool, tracked as CVE-2026-3102, exposes macOS systems to command execution attacks through malicious image metadata, highlighting ongoing risks in widely used file processing tools. ExifTool is a popular utility used across media workflows to read and write metadata in images, PDFs, and multimedia files. Its flexibility and integration into automation…
-
Verizon DBIR: AI Helped Hackers Exploit Vulnerabilities in 31% of Recent Breaches
Verizon DBIR 2026 reveals software vulnerabilities overtook stolen passwords in cyberattacks, with AI helping hackers exploit flaws within hours. First seen on hackread.com Jump to article: hackread.com/verizon-dbir-ai-hackers-exploit-vulnerabilities-breaches/
-
Fake Tax Assessment Pages Spread Windows Malware
Hackers are actively targeting Windows users with fake Indian Income Tax assessment pages in a campaign tracked as TAX#TRIDENT. The campaign begins with fraudulent tax assessment or penalty pages designed to create urgency. Victims are prompted to download what appears to be an official document, often packaged as a ZIP archive. Once opened, the archive…
-
Datenklau: Hacker wollen 4.000 private Github-Repos geplündert haben
Die Cybergang TeamPCP setzt Github unter Druck. Sie will an Daten aus Tausenden privaten Code-Repos gelangt sein und stellt diese nun zum Verkauf. First seen on golem.de Jump to article: www.golem.de/news/datenklau-hacker-wollen-4-000-private-github-repos-gepluendert-haben-2605-208851.html
-
Hackers Exploit MSHTA to Deploy LummaStealer and Amatera Malware
Hackers are increasingly abusing the legacy Microsoft HTML Application Host (MSHTA) utility to deliver commodity malware such as LummaStealer and Amatera. Despite being tied to Internet Explorer, which was retired in 2022, MSHTA remains default in Windows, making it an attractive Living-off-the-Land binary (LOLBIN) for stealthy attacks. MSHTA allows execution of VBScript and JavaScript from…
-
Hackers Exploit MSHTA to Deploy LummaStealer and Amatera Malware
Hackers are increasingly abusing the legacy Microsoft HTML Application Host (MSHTA) utility to deliver commodity malware such as LummaStealer and Amatera. Despite being tied to Internet Explorer, which was retired in 2022, MSHTA remains default in Windows, making it an attractive Living-off-the-Land binary (LOLBIN) for stealthy attacks. MSHTA allows execution of VBScript and JavaScript from…
-
GitHub investigates internal repositories breach claimed by TeamPCP
GitHub is investigating a breach of its internal repositories after the TeamPCP hacker group claimed to have accessed approximately 4,000 repositories containing private code. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/github-investigates-internal-repositories-breach-claimed-by-teampcp/
-
From teen hacker to Iron Dome researcher, this founder raised $28M to fight AI phishing
Ocean, an agentic email security platform, raised funding from Lightspeed Venture Partners. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/19/from-teen-hacker-to-iron-dome-researcher-this-founder-raised-28m-to-fight-ai-phishing/
-
Hackers have compromised dozens of popular open source packages in an ongoing supply-chain attack
The attacks are part of a wider campaign known as Mini Shai-Hulud, which has already compromised several open source projects and, in turn, developers and companies that use them. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/19/hackers-have-compromised-dozens-of-popular-open-source-packages-in-an-ongoing-supply-chain-attack/
-
Patched OpenClaw Flaw Let Hackers Hijack AI Agents
Chainable Bugs Enable Credential Theft, Persistence, Takeover. Four chainable flaws in OpenClaw allowed attackers to move from an initial foothold to persistent system-level compromise by abusing the AI agent’s own privileges. The bugs enabled credential theft, privilege escalation and backdoor deployment, affecting all versions released before April 23. First seen on govinfosecurity.com Jump to article:…
-
Patch bypass allows hackers to exploit prior flaw in SonicWall SSL-VPN
Researchers said a wave of attacks began in February targeting firewalls that appeared to be protected.; First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/patch-bypass-hackers-exploit-flaw-sonicwall/820600/
-
Hackers have compromised dozens of popular open source packages in an ongoing supply chain attack
The attacks are part of a wider campaign known as Mini Shai-Hulud, which has already compromised several open source projects and, in turn, developers and companies that use them. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/19/hackers-have-compromised-dozens-of-popular-open-source-packages-in-an-ongoing-supply-chain-attack/
-
Verizon Breach Report: Vulnerability Exploitation Surges
Tags: access, breach, data, data-breach, exploit, hacker, Hardware, ransomware, software, update, vulnerabilityPatch Rollout Slows and Ransomware Incident Volume Rises, Finds Latest Verizon DBIR. The frequency of hackers exploiting vulnerabilities in hardware and software to gain initial access to a victim’s environment continues to surge, and half of all successful breaches also now involve some type of ransomware action, according Verizon’s 2026 Data Breach Investigations Report. First…
-
The Newest Space Race Is Cyber
Satellites Will Be Newest Cyberwar Front. Now that space is becoming a battlefield, cyberwar will be waged there, experts predict, and the race is on to develop cyber defenses that can protect new satellite constellations from foreign cyber-warriors, online spies and even criminal hacker gangs. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/newest-space-race-cyber-a-31717