Tag: hacker
-
Avada Builder WordPress plugin flaws allow site credential theft
Two vulnerabilities in the Avada Builder plugin for WordPress, with an estimated one million active installations, allow hackers to read arbitrary files and extract sensitive information from the database. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/avada-builder-wordpress-plugin-flaws-allow-site-credential-theft/
-
Hackers Exploit OAuth Device Flow to Steal Microsoft 365 Tokens
Hackers are rapidly weaponizing a little-known Microsoft authentication feature to hijack enterprise accounts, as device code phishing surges across the threat landscape. The spike in activity is closely tied to the public release of criminal toolkits and phishing-as-a-service (PhaaS) platforms, making the once obscure technique widely accessible. New kits are appearing almost weekly, many seemingly…
-
OrBit Rootkit Targets Linux to Steal SSH and Sudo Credentials
Hackers are continuing to abuse a stealthy Linux rootkit known as OrBit to harvest SSH and sudo credentials, with new research showing the threat has quietly evolved over four years while remaining active in the wild. First analyzed in 2022, OrBit was initially believed to be a custom-built Linux userland rootkit. It operates by hijacking…
-
CalPhishing Scam Uses EvilTokens Kit, Outlook Invites to Steal M365 Sessions
Hackers are exploiting Outlook calendar invites and device code phishing to steal M365 session tokens, bypass MFA and breach enterprise accounts. First seen on hackread.com Jump to article: hackread.com/calphishing-eviltokens-kit-outlook-invites-m365/
-
Microsoft Edge, Windows 11, and LiteLLM Fall to Exploits at Pwn2Own Berlin 2026
The world’s top ethical hackers wasted no time breaking into modern software and AI systems on the opening day of Pwn2Own Berlin 2026, exposing critical zero-day vulnerabilities in Microsoft Edge, Windows 11, LiteLLM, and NVIDIA platforms. On May 14, researchers demonstrated 24 unique zero-day exploits, earning a total of $523,000 in rewards, according to Trend…
-
China-Linked Hackers Deploy New TencShell Malware Against Global Manufacturer
A suspected China-linked threat actor targeted the Indian branch of a global manufacturer leveraging an open source offensive toolkit First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/china-hackers-tencshell-malware/
-
TeamPCP Hackers Exploit CI/CD Pipelines to Steal Cloud Credentials
A financially motivated threat group known as TeamPCP is aggressively targeting modern software supply chains, abusing trusted CI/CD pipelines to steal sensitive developer and cloud credentials at scale. TeamPCP’s core strategy is simple but highly effective: compromise trusted build and release workflows instead of end-user systems. By injecting malicious code into CI/CD pipelines, attackers leverage…
-
Palo Alto Firewalls Hit by Zero-Day Allowing Arbitrary Code Execution as Root
A devastating zero-day vulnerability in Palo Alto Networks firewalls is under active exploitation by suspected state-sponsored hackers, allowing unauthenticated attackers to seize complete control of enterprise security infrastructure. The flaw, tracked as CVE-2026-0300 with a critical CVSS score of 9.3, targets the User-ID Authentication Portal service in PAN-OS software and has been weaponized since at…
-
Hackers Exploit Scheduled Tasks for Persistence in FrostyNeighbor Attacks
Hackers linked to the long-running FrostyNeighbor cyber”‘espionage group have intensified attacks against Ukrainian government organizations, deploying updated techniques that rely on scheduled tasks for stealthy persistence and server-side validation to evade detection. FrostyNeighbor also tracked as Ghostwriter, UNC1151, and TA445 has been active since at least 2016 and is widely believed to operate in alignment…
-
TeamPCP hackers advertise Mistral AI code repos for sale
The TeamPCP hacker group is threatening to leak source code from the Mistral AI project unless a buyer is found for the data. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/teampcp-hackers-advertise-mistral-ai-code-repos-for-sale/
-
Hackers exploit auth bypass flaw in Burst Statistics WordPress plugin
Hackers are leveraging a critical authentication bypass vulnerability in the WordPress plugin Burst Statistics to obtain admin-level access to websites. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-exploit-auth-bypass-flaw-in-burst-statistics-wordpress-plugin/
-
Hackers exploit auth bypass flaw in Burst Statistics WordPress plugin
Hackers are leveraging a critical authentication bypass vulnerability in the WordPress plugin Burst Statistics to obtain admin-level access to websites. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-exploit-auth-bypass-flaw-in-burst-statistics-wordpress-plugin/
-
Hackers exploit auth bypass flaw in Burst Statistics WordPress plugin
Hackers are leveraging a critical authentication bypass vulnerability in the WordPress plugin Burst Statistics to obtain admin-level access to websites. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-exploit-auth-bypass-flaw-in-burst-statistics-wordpress-plugin/
-
Fake Job Interview Apps Drop JobStealer Malware on Windows and macOS
Hackers are using Fake interview apps to spread JobStealer malware on macOS and Windows to steal crypto wallets, browser data, and passwords. First seen on hackread.com Jump to article: hackread.com/fake-job-interview-jobstealer-malware-windows-macos/
-
Fake Job Interview Apps Drop JobStealer Malware on Windows and macOS
Hackers are using Fake interview apps to spread JobStealer malware on macOS and Windows to steal crypto wallets, browser data, and passwords. First seen on hackread.com Jump to article: hackread.com/fake-job-interview-jobstealer-malware-windows-macos/
-
OpenAI says hackers stole some data after latest code security issue
OpenAI said the damage was limited to the employees’ devices, and did not affect user data nor its production systems, and none of its intellectual property was stolen. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/14/openai-says-hackers-stole-some-data-after-latest-code-security-issue/
-
TeamPCP Claims Sale of Mistral AI Repositories Amid Mini Shai-Hulud Attack (Updated)
TeamPCP claims to be selling alleged Mistral AI repositories on a hacker forum after the Mini Shai-Hulud attack targeted npm and PyPI ecosystems. First seen on hackread.com Jump to article: hackread.com/teampcp-mistral-ai-repositories-mini-shai-hulud-attack/
-
A spyware investigator exposed Russian government hackers trying to hijack Signal accounts
A group of likely Russian government hackers tried to hack a security researcher who investigates spyware attacks. He was then able to turn the tables on the hackers and reveal details of their espionage campaign. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/14/a-spyware-investigator-exposed-russian-government-hackers-trying-to-hijack-signal-accounts/
-
TeamPCP, BreachForums Launch $1K Supply-Chain Attack Contest
A new cybercrime campaign is turning supply chain attacks into a public competition, as TeamPCP and BreachForums operators launch a $1,000 contest that encourages hackers to compromise open-source packages. The initiative, first highlighted by Dark Web Informer, signals an escalation in how threat actors are gamifying real-world attacks to recruit participants and expand their reach.…
-
Sandworm Hackers Shift From IT Breaches to Critical OT Targets
A new wave of cyber activity linked to the notorious Sandworm group is raising fresh alarms across global critical infrastructure. Security researchers warn that the Russian state-backed threat actor is no longer just infiltrating IT networks it is actively pivoting into operational technology (OT) environments where real-world disruption becomes possible. The findings are based on…
-
Chinese APT Exploits Microsoft Exchange to Breach Energy Sector Network
Chinese state-aligned hackers compromised a Microsoft Exchange server at a major energy firm. They repeatedly reused that same entry point to run a months”‘long espionage operation, deploying the Deed RAT and Terndoor backdoors to maintain deep access across the network. The activity is attributed with moderate”‘to”‘high confidence to FamousSparrow, a China”‘aligned APT cluster that overlaps…
-
170 npm Packages Hijacked to Steal GitHub, AWS Kubernetes Secrets
Hackers have launched a large-scale supply chain attack by compromising more than 170 npm packages and two PyPI libraries, collectively downloaded over 200 million times weekly, to steal sensitive developer and cloud credentials. The malicious npm packages contain a hidden preinstall script that silently executes during installation. This script deploys a loader, which downloads a…
-
China-Linked Twill Typhoon Uses Fake Apple and Yahoo Sites for Espionage
A new Darktrace report reveals how Chinese hackers use fake Apple and Yahoo sites and the FDMTP malware framework to spy on organisations. First seen on hackread.com Jump to article: hackread.com/chinatwill-typhoon-fake-apple-yahoo-sites-espionage/
-
QA: Why Vulnerability Scans Are Giving Businesses a False Sense of Security
Phillip Wylie is an internationally recognised cybersecurity expert, ethical hacker and offensive security specialist with more than 28 years’ experience across IT, network security, application security, penetration testing, red teaming and social engineering. As co-author of The Pentester BluePrint, founder of The Pwn School Project and host of The Phillip Wylie Show, Phillip has built his career around…
-
Hackers Hijack HWMonitor to Sideload Malicious DLL
Hackers are once again exploiting user trust in legitimate software, this time abusing the popular CPUID HWMonitor utility to deliver a stealthy remote access trojan. The malicious archive mimics a legitimate installer, highlighting how trusted tools remain a powerful lure for initial access. The weaponized ZIP archive, distributed via a fake download link, contains the…
-
Hackers accessed BWH Hotels reservation system for months
BWH Hotels says hackers accessed guest reservation data, including names and contacts, for over six months across multiple hotel brands. BWH Hotels disclosed a data breach, with threat actors having had access to guest reservation data for more than six months. The incident exposed names and contact details of an undisclosed number of guests. BWH…
-
West Pharmaceutical warns of ransomware attack impacting business operations
West Pharmaceutical Services filed a report with the Securities and Exchange Commission (SEC) on Monday evening warning customers that a hacker breached the company network on May 4, stole data and encrypted systems. First seen on therecord.media Jump to article: therecord.media/west-pharmaceutical-warns-of-ransomware-attack-impacting-operations
-
Pwn2Own Berlin 2026 Hits Capacity as Rejected Hackers Release 0-Days
Pwn2Own Berlin 2026 reportedly reached full capacity for the first time, prompting rejected researchers to publicly disclose zero-day exploits targeting Firefox, NVIDIA, and AI platforms. First seen on hackread.com Jump to article: hackread.com/pwn2own-berlin-2026-hits-capacity-hackers-0-days/
-
Instructure claims hackers returned stolen Canvas data after an extortion standoff
ShinyHunters, a prolific cybercrime group, threatened to leak data from more than 8,800 school systems. First seen on cyberscoop.com Jump to article: cyberscoop.com/canvas-instructure-data-theft-extortion-the-com/