Tag: hacker
-
Hackers Actively Exploit ‘Nginx Rift’ Vulnerability Affecting NGINX, F5 Products
Hackers are actively exploiting the Nginx Rift vulnerability affecting NGINX and F5 products, exposing servers to denial-of-service attacks. First seen on hackread.com Jump to article: hackread.com/hackers-exploit-nginx-rift-vulnerability-nginx-f5-products/
-
Kimsuky Uses LNK, JSE Lures to Target Recruiters, Crypto Users, Defense Officials
Kimsuky Hackers Use LNK and JSE Lures to Target Recruiters, Crypto Users, and Defense Officials. North Korea-linked threat group Kimsuky has launched at least four distinct spear-phishing campaigns in early 2026, targeting recruiters, cryptocurrency users, developers, defense personnel, and academic administrators. Despite using different themes and delivery methods, all campaigns follow a consistent attack chain:…
-
Grafana Labs Confirms Hackers Stole Source Code
Open source tool maker Grafana says hackers stole codebase via GitHub breach First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/grafana-labs-confirms-hackers/
-
Hackers Exploit Entra ID Accounts to Steal Microsoft 365, Azure Data
Hackers Abuse Microsoft Entra ID Accounts to Exfiltrate Microsoft 365 and Azure Data. A highly sophisticated cyberattack campaign carried out by a threat actor tracked as Storm-2949, targeting Microsoft Entra ID accounts to steal sensitive data from Microsoft 365 and Azure environments. Instead of deploying malicious payloads, Storm-2949 abused legitimate cloud management features to gain…
-
Hackers Bypass Security Tools to Target Users Directly
Bridewell report calls out emergence of “fix-style” attacks First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/hackers-bypass-security-tools/
-
Hacker können Konten kapern: Lücke im Microsoft Authenticator ermöglicht Datenklau
Angreifer können beim Microsoft Authenticator Zugriffstokens abgreifen und damit auf Daten und Dienste der Nutzer zugreifen. Ein Patch ist verfügbar. First seen on golem.de Jump to article: www.golem.de/news/hacker-koennen-konten-kapern-luecke-im-microsoft-authenticator-ermoeglicht-datenklau-2605-208805.html
-
Sicherheitslücke wird ausgenutzt: Hacker greifen Nginx-Webserver an
Angreifer machen Nginx-Webserver mit einem öffentlich verfügbaren Exploit unerreichbar. Auch eine Schadcodeausführung ist manchmal möglich. First seen on golem.de Jump to article: www.golem.de/news/sicherheitsluecke-wird-ausgenutzt-hacker-greifen-nginx-webserver-an-2605-208796.html
-
The Newest Space Race is in Cyber
Satellites Will Be Newest Cyberwar Front. Now that space is becoming a battlefield, cyberwar will be waged there, experts predict, and the race is on to develop cyber defenses that can protect new satellite constellations from foreign cyber-warriors, online spies and even criminal hacker gangs. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/newest-space-race-in-cyber-a-31717
-
NYC Health + Hospitals says hackers stole medical data and fingerprints during breach affecting at least 1.8 million people
The New York public healthcare system said hackers stole personal and medical data, and scans of biometrics, including fingerprints, in one of the largest recorded breaches of 2026. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/18/nyc-health-and-hospitals-says-hackers-stole-medical-data-and-fingerprints-during-breach-affecting-at-least-1-8-million-people/
-
Grafana refuses to pay ransom after codebase theft
On Saturday night, the company released a statement confirming the incident and outlining their decision not to pay a ransom issued by the hackers behind the attack. First seen on therecord.media Jump to article: therecord.media/grafana-refuses-to-pay-ransom-codebase-theft
-
NYC Health and Hospitals says hackers stole medical data and fingerprints during breach affecting at least 1.8 million people
The New York public healthcare system said hackers stole personal and medical data, and scans of biometrics, including fingerprints, in one of the largest recorded breaches of 2026. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/18/nyc-health-and-hospitals-says-hackers-stole-medical-data-and-fingerprints-during-breach-affecting-at-least-1-8-million-people/
-
Grafana Labs says hacker gained access to codebase through leaked token
The company, which operates a widely used observability platform, is refusing to pay an extortion demand. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/grafana-labs-says-hacker-gained-access-to-codebase-through-leaked-token/820485/
-
Grafana Labs says hacker gained access to codebase through leaked token
The company, which operates a widely used observability platform, is refusing to pay an extortion demand. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/grafana-labs-says-hacker-gained-access-to-codebase-through-leaked-token/820485/
-
Government Backed Hackers Abuse Cloudflare in Malaysian Espionage Campaign
Government Backed Hackers abused Cloudflare storage services in a Malaysian espionage campaign involving hidden C2 systems and data exfiltration. First seen on hackread.com Jump to article: hackread.com/government-backed-hackers-cloudflare-malaysia-espionage/
-
Grafana says stolen GitHub token let hackers steal codebase
Grafana Labs disclosed that hackers have downloaded its source code after breaching its GitHub environment using a stolen access token. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/grafana-says-stolen-github-token-let-hackers-steal-codebase/
-
Open source tool maker Grafana Labs says hackers stole its code, refuses to pay ransom
The open source project said hackers stole its codebase and threatened to publish its source code if the company did not pay. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/18/open-source-tool-maker-grafana-labs-says-hackers-stole-its-code-refuses-to-pay-ransom/
-
Kriminelle Konkurrenz – Hacker verdrängen andere Hacker aus kompromittierten Cloud-Systemen
First seen on security-insider.de Jump to article: www.security-insider.de/pcpjack-hacker-kapern-teampcp-systeme-cloud-a-5172799969181a22e6cd9dc02acee0cf/
-
Pwn2Own Berlin: Hacker hacken Windows, Linux, Edge und jede Menge KI-Tools
Bei der Pwn2Own in Berlin sind vor allem Betriebssysteme und KI-Tools attackiert worden. Die Teilnehmer gewannen fast 1,3 Millionen US-Dollar. First seen on golem.de Jump to article: www.golem.de/news/pwn2own-berlin-hacker-hacken-windows-linux-edge-und-jede-menge-ki-tools-2605-208767.html
-
Critical NGINX Vulnerability Lets Hackers Launch Remote Code Execution Attacks
Tags: attack, cve, cyber, cybersecurity, exploit, flaw, hacker, open-source, remote-code-execution, vulnerabilityA newly disclosed vulnerability in NGINX is already being actively exploited, raising serious concerns across the global cybersecurity community. Tracked as CVE-2026-42945, the flaw affects both NGINX Open Source and NGINX Plus, potentially allowing attackers to crash servers or execute remote code under specific conditions. Security researcher Patrick Garrity of VulnCheck revealed that exploitation attempts…
-
Critical NGINX Vulnerability Lets Hackers Launch Remote Code Execution Attacks
Tags: attack, cve, cyber, cybersecurity, exploit, flaw, hacker, open-source, remote-code-execution, vulnerabilityA newly disclosed vulnerability in NGINX is already being actively exploited, raising serious concerns across the global cybersecurity community. Tracked as CVE-2026-42945, the flaw affects both NGINX Open Source and NGINX Plus, potentially allowing attackers to crash servers or execute remote code under specific conditions. Security researcher Patrick Garrity of VulnCheck revealed that exploitation attempts…
-
Quellcode erbeutet: Hacker kapern Github-Umgebung von Grafana
Angreifer sind in die Github-Umgebung von Grafana Labs eingedrungen und haben sich am Quellcode vergriffen. Lösegeld gibt es dafür aber wohl nicht. First seen on golem.de Jump to article: www.golem.de/news/quellcode-erbeutet-hacker-kapern-github-umgebung-von-grafana-2605-208761.html
-
Hackers Abuse Cloudflare Storage to Exfiltrate Network Files
A sophisticated cyber espionage campaign targeting multiple Malaysian organizations has been uncovered, revealing a highly structured attack chain that blends custom tooling, cloud infrastructure, and stealthy data exfiltration. At the center of the operation is an Azure virtual machine (IP: 20.17.161.118) used to orchestrate attacks across government-linked networks. The infrastructure contained a wide range of…
-
Hackers Hide PureLogs Infostealer in PawsRunner Loader
Threat actors are increasingly hiding malware inside seemingly harmless files, and a new campaign shows just how effective this tactic has become. The attack begins with a phishing email carrying a TXZ archive attachment. Disguised as an urgent invoice, the file pressures victims into opening it quickly. Once extracted, the archive reveals a JavaScript file…
-
Hackers earn $1,298,250 for 47 zero-days at Pwn2Own Berlin 2026
The Pwn2Own Berlin 2026 hacking contest has concluded, with security researchers collecting $1,298,250 in rewards after exploiting 47 zero-day flaws. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-earn-1-298-250-for-47-zero-days-at-pwn2own-berlin-2026/
-
Grafana Says It Rejected Ransom Demand After Source Code Theft
Grafana says hackers stole its source code after accessing a GitHub token, but no customer data or systems were affected. First seen on hackread.com Jump to article: hackread.com/grafana-source-code-theft-rejected-ransom-demand/
-
Canvas hack: is it ever a good idea to pay a ransom, and what happens to the data?
Businesses are advised against paying but many are prepared to deal to protect users’ privacyAfter a week of outages, hundreds of millions of students’ data stolen, delayed assignment due dates and school login pages being defaced by hackers, the US tech firm Instructure which operates the education platform Canvas, used by education providers worldwide announced…
-
Russian hackers turn Kazuar backdoor into modular P2P botnet
The Russian hacker group Secret Blizzard has developed its long-running Kazuar backdoor into a modular peer-to-peer (P2P) botnet designed for long-term persistence, stealth, and data collection. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/russian-hackers-turn-kazuar-backdoor-into-modular-p2p-botnet/
-
Studie zeigt: Hacker hassen KI-Beiträge in ihren Foren aus denselben Gründen wie alle anderen
First seen on t3n.de Jump to article: t3n.de/news/studie-hacken-hassen-ki-slop-1741954/
-
Hackers Use PyInstaller and AMSI Patching to Deliver XWorm RAT v7.4
Hackers are hiding XWorm malware in PyInstaller files to bypass Windows security, steal data and remotely control devices through ads. First seen on hackread.com Jump to article: hackread.com/hackers-pyinstaller-amsi-patching-xworm-rat-v7-4/
-
Popular node-ipc npm package compromised to steal credentials
Hackers have injected credential-stealing malware into newly published versions of node-ipc, a popular inter-process communication package, in a new supply chain attack targeting npm. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/popular-node-ipc-npm-package-compromised-to-steal-credentials/