Tag: hacker
-
Chinese Hackers Breach Cisco’s Email Security Systems
The Chinese threat group, tracked as UAT-9686, has deployed a collection of custom-built hacking tools to maintain persistent access to compromised systems. The post Chinese Hackers Breach Cisco’s Email Security Systems appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-cisco-email-security-breach/
-
Chinese Hackers Breach Cisco’s Email Security Systems
The Chinese threat group, tracked as UAT-9686, has deployed a collection of custom-built hacking tools to maintain persistent access to compromised systems. The post Chinese Hackers Breach Cisco’s Email Security Systems appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-cisco-email-security-breach/
-
Geldwäsche für Hacker: Kryptodienst wegen illegaler Aktivitäten vom Netz genommen
Ein 39-jähriger Russe soll über seine Krypto-Börse E-Note für Cyberkriminelle Millionenbeträge gewaschen haben. Damit ist jetzt Schluss. First seen on golem.de Jump to article: www.golem.de/news/geldwaesche-fuer-hacker-kryptodienst-wegen-illegaler-aktivitaeten-vom-netz-genommen-2512-203390.html
-
Ungepatchte Sicherheitslücke: Chinesische Hacker kapern seit Wochen Cisco-Systeme
Angreifer aus China schleusen über eine Zero-Day-Lücke in Cisco AsyncOS Malware auf anfällige Appliances. Ein Patch ist noch nicht in Sicht. First seen on golem.de Jump to article: www.golem.de/news/ungepatchte-sicherheitsluecke-cisco-systeme-werden-seit-wochen-attackiert-2512-203379.html
-
Hackers Actively Exploit SonicWall SMA1000 Zero-Day to Escalate Privileges
SonicWall has issued an urgent security advisory warning of active exploitation of a local privilege escalation vulnerability affecting its SMA1000 appliances. The flaw, tracked as CVE-2025-40602, enables attackers with management console access to gain elevated privileges and potentially achieve complete system control. The vulnerability stems from insufficient authorization checks in the SonicWall SMA1000 Appliance Management…
-
Critical Apache Commons Text Flaw Lets Hackers Execute Remote Code
A critical remote code execution vulnerability has been discovered in Apache Commons Text, affecting all versions prior to 1.10.0. The flaw, tracked as CVE-2025-46295, poses a significant security risk to organizations relying on the widely-used Java library for text manipulation and processing. The vulnerability resides in Apache Commons Text’s interpolation features, which are designed to…
-
Critical Apache Commons Text Flaw Lets Hackers Execute Remote Code
A critical remote code execution vulnerability has been discovered in Apache Commons Text, affecting all versions prior to 1.10.0. The flaw, tracked as CVE-2025-46295, poses a significant security risk to organizations relying on the widely-used Java library for text manipulation and processing. The vulnerability resides in Apache Commons Text’s interpolation features, which are designed to…
-
Critical Node.js Library Flaw Lets Hackers Execute Remote Commands on Windows
A severe command injection vulnerability has been discovered in systeminformation, a widely-used Node.js library for retrieving system information. The flaw, tracked as CVE-2025-68154, allows attackers to execute arbitrary commands on Windows systems when applications pass user input to the vulnerable function. The vulnerability exists in the fsSize() function, which retrieves disk space information but fails…
-
Hackers Actively Target Cisco and Palo Alto VPN Gateways to Steal Login Credentials
Tags: attack, authentication, breach, cisco, credentials, cyber, cybersecurity, exploit, hacker, login, network, service, vpnCybersecurity researchers at GreyNoise have identified a large-scale, coordinated campaign targeting enterprise VPN authentication systems. The attackers are systematically attempting to breach Cisco SSL VPN and Palo Alto Networks GlobalProtect services through credential-based attacks rather than exploiting specific vulnerabilities. The campaign activity was observed during mid-December across a concentrated two-day period, revealing a sophisticated approach…
-
France Arrests 22 Year Old After Hack of Interior Ministry Systems
France confirms a cyberattack on its Interior Ministry as a 22-year-old is arrested. Hacker claims access to police, tax, and criminal record systems. First seen on hackread.com Jump to article: hackread.com/france-arrests-hacker-interior-ministry-systems/
-
France Arrests 22 Year Old After Hack of Interior Ministry Systems
France confirms a cyberattack on its Interior Ministry as a 22-year-old is arrested. Hacker claims access to police, tax, and criminal record systems. First seen on hackread.com Jump to article: hackread.com/france-arrests-hacker-interior-ministry-systems/
-
Hackers Can Seize Control of Car Dashboards Through Modem Vulnerabilities
Imagine cruising down the highway in your brand-new electric car when suddenly the multimedia display fills with Doom, the iconic 3D shooter game completely replacing your navigation map and vehicle controls. Shockingly, this isn’t science fiction. Security researchers have demonstrated that this scenario is entirely possible in today’s connected vehicles, exposing a critical vulnerability in…
-
Chinese Hackers Turn Compromised Servers Into ShadowPad Nodes
A sophisticated Chinese threat actor tracked as Ink Dragon has been weaponizing a custom ShadowPad IIS Listener module to convert compromised servers into distributed relay nodes, according to research by Check Point Research. The tactic represents a significant escalation in the group’s operational capabilities, enabling attackers to establish persistent, multi-layered command-and-control infrastructure that spans victim…
-
When Zero-Days Go Active: What Ongoing Windows, Chrome, and Apple Exploits Reveal About Modern Intrusion Risk
A series of actively exploited zero-day vulnerabilities affecting Windows, Google Chrome, and Apple platforms was disclosed in mid-December, according to The Hacker News, reinforcing a persistent reality for defenders: attackers no longer wait for exposure windows to close. They exploit them immediately. Unlike large-scale volumetric attacks that announce themselves through disruption, zero-day exploitation operates quietly.…
-
FTC orders crypto platform Nomad to distribute $37.5 million after 2022 theft
Under a settlement with the FTC, the Nomad platform will have to redistribute stolen funds that white-hat hackers returned to the company after thieves aggressively exploited a vulnerability in 2022. First seen on therecord.media Jump to article: therecord.media/ftc-settlement-nomad-platform-return-customers-cryptocurrency
-
Chinese Hackers Hijack European Networks for Espionage
Ink Dragon Compromised IIS Networks to Relay ShadowPad Malware. A Chinese hacking group is using compromised European government networks as relay nodes to route commands and support other hacking operations. Security firm Check Point attributed the campaign to a Chinese espionage group it tracks as Ink Dragon. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/chinese-hackers-hijack-european-networks-for-espionage-a-30319
-
Kimsuky Hackers Use Weaponized QR Codes to Distribute Malicious Mobile Apps
Threat researchers have uncovered a sophisticated mobile malware campaign attributed to North Korea-linked threat actor Kimsuky, leveraging weaponized QR codes and fraudulent delivery service impersonations to trick users into installing remote access trojans on their smartphones. The ENKI WhiteHat Threat Research Team identified the latest iteration of >>DOCSWAP
-
Russian BlueDelta hackers ran phishing campaign against Ukrainian webmail users
Researchers said the campaign likely aimed to collect sensitive information from Ukrainian users in support of broader Russian intelligence objectives. First seen on therecord.media Jump to article: therecord.media/russian-bluedelta-hackers-ran-phishing-ukraine-webmail
-
Cisco says Chinese hackers are exploiting its customers with a new zero-day
Cisco said it discovered a Chinese hacking campaign targeting its customers by exploiting a zero-day in some of the company’s most popular products. First seen on techcrunch.com Jump to article: techcrunch.com/2025/12/17/cisco-says-chinese-hackers-are-exploiting-its-customers-with-a-new-zero-day/
-
Pornhub Premium und der Leak, der nach Erpressung riecht
Wenn der Betreiber nicht den Forderungen von ShinyHunters entspricht, wollen die Hacker zahlreiche Pornhub Premium-Kundendaten enttarnen. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/cyberangriffe/pornhub-premium-und-der-leak-der-nach-erpressung-riecht-324307.html
-
Hackers Claim Stealing 94GB of Pornhub Premium User Watch Histories
Cybercriminal group ShinyHunters targets former Pornhub Premium users in a massive 94GB data extortion campaign. Learn about the stolen data details, the involvement of a smishing attack, and the conflicting reports on the breach. First seen on hackread.com Jump to article: hackread.com/hackers-pornhub-premium-user-watch-histories/
-
Hackers Claim Stealing 94GB of Pornhub Premium User Watch Histories
Cybercriminal group ShinyHunters targets former Pornhub Premium users in a massive 94GB data extortion campaign. Learn about the stolen data details, the involvement of a smishing attack, and the conflicting reports on the breach. First seen on hackread.com Jump to article: hackread.com/hackers-pornhub-premium-user-watch-histories/
-
Russian state hackers targeted Western critical infrastructure for years, Amazon says
Tags: credentials, cyber, exploit, hacker, infrastructure, intelligence, network, russia, theft, threat, vulnerabilityAmazon disclosed a years-long Russian state-backed cyber campaign targeting Western critical infrastructure from 2021 to 2025. Amazon Threat Intelligence reports a long-running Russian state-backed campaign (20212025) targeting Western critical infrastructure. Threat actors shifted from exploiting vulnerabilities to abusing misconfigured network edge devices, enabling credential theft and lateral movement with lower risk. The researchers linked the…
-
Russian state hackers targeted Western critical infrastructure for years, Amazon says
Tags: credentials, cyber, exploit, hacker, infrastructure, intelligence, network, russia, theft, threat, vulnerabilityAmazon disclosed a years-long Russian state-backed cyber campaign targeting Western critical infrastructure from 2021 to 2025. Amazon Threat Intelligence reports a long-running Russian state-backed campaign (20212025) targeting Western critical infrastructure. Threat actors shifted from exploiting vulnerabilities to abusing misconfigured network edge devices, enabling credential theft and lateral movement with lower risk. The researchers linked the…
-
Microsoft Will Finally Kill an Encryption Cipher That Enabled a Decade of Windows Hacks
The weak RC4 for administrative authentication has been a hacker holy grail for decades. First seen on wired.com Jump to article: www.wired.com/story/microsoft-will-finally-kill-an-encryption-cipher-that-enabled-a-decade-of-windows-hacks/
-
CISA Alerts on Actively Exploited Gladinet CentreStack and Triofox Flaws
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a new alert regarding a critical security vulnerability affecting Gladinet CentreStack and Triofox. The agency has added this flaw to its Known Exploited Vulnerabilities (KEV) catalog, indicating that hackers are actively exploiting it in attacks. The vulnerability, identified as CVE-2025-14611, involves a serious issue with how these…
-
Blind Eagle Hackers Exploit Trust to Bypass Email Security Controls
Tags: attack, control, cyber, cybersecurity, email, exploit, government, group, hacker, malware, phishing, spear-phishing, threatBlindEagle threat actors are exploiting compromised internal email accounts to launch spear-phishing campaigns that bypass traditional email security controls, targeting Colombian government agencies with sophisticated multi-stage malware attacks, according to Zscaler ThreatLabz research. The cybersecurity firm discovered the campaign in early September 2025, revealing that the South American threat group targeted a government agency under…
-
CISA Alerts on Actively Exploited Gladinet CentreStack and Triofox Flaws
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a new alert regarding a critical security vulnerability affecting Gladinet CentreStack and Triofox. The agency has added this flaw to its Known Exploited Vulnerabilities (KEV) catalog, indicating that hackers are actively exploiting it in attacks. The vulnerability, identified as CVE-2025-14611, involves a serious issue with how these…
-
React2Shell-Attacken: Nordkoreanische Hacker nutzen EtherRAT-Malware
Die Analyse einer aktuellen Angriffskampagne zeigt, wie schnell sich bekannte Schwachstellen zu hochentwickelten Einfallstoren entwickeln können. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/react2shell-attacken-nordkoreanische-hacker-etherrat-malware
-
FortiGate firewall credentials being stolen after vulnerabilities discovered
Tags: access, advisory, ai, attack, authentication, best-practice, breach, ceo, cisa, credentials, cve, cyberattack, cybersecurity, data, data-breach, exploit, firewall, flaw, fortinet, hacker, infrastructure, Internet, kev, least-privilege, login, malicious, network, password, software, theft, threat, update, vulnerabilityCSO. “So far, the pattern of activity has appeared to be opportunistic in nature. While it is difficult to estimate the number of devices directly vulnerable to this vulnerability, there are hundreds of thousands of Fortinet appliances accessible on the public internet through specialized search engines. This allows threat actors to opportunistically attempt exploitation against…