Tag: hacker
-
North Korean hackers targeted ethnic Koreans in China with Android ‘BirdCall’ malware
Researchers at cybersecurity firm ESET attributed the campaign to APT37 and said the hackers used a backdoor attached to a suite of card games from a company called Sqgame. First seen on therecord.media Jump to article: therecord.media/north-korean-hackers-target-ethnic-koreans-in-china
-
Google AppSheet Abuse Helped Phish 30,000 Facebook Accounts
Hackers abused Google AppSheet to send Meta phishing emails, compromising 30,000 Facebook business accounts across 50 countries. The post Google AppSheet Abuse Helped Phish 30,000 Facebook Accounts appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-google-appsheet-facebook-phishing-accountdumpling/
-
Instructure hacker claims data theft from 8,800 schools, universities
The hacker behind a breach at education technology giant Instructure claims to have stolen 280 million data records for students and staff from 8,809 colleges, school districts, and online education platforms. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/instructure-hacker-claims-data-theft-from-8-800-schools-universities/
-
DAEMON Tools trojanized in supply-chain attack to deploy backdoor
Hackers trojanized installers for the DAEMON Tools software and since April 8, delivered a backdoor to thousands of systems that downloaded the product from the official website. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/daemon-tools-trojanized-in-supply-chain-attack-to-deploy-backdoor/
-
Vimeo confirms breach via third-party vendor impacts 119K users
Hackers stole data of 119,000 Vimeo users in April. The breach, linked to a third”‘party vendor, exposed personal details. Vimeo confirmed a data breach after the ShinyHunters gang stole personal information of 119,000 users in April 2026. According to Have I Been Pwned, the attackers accessed user data through a compromise at Anodot, a third”‘party…
-
Vimeo confirms breach via third-party vendor impacts 119K users
Hackers stole data of 119,000 Vimeo users in April. The breach, linked to a third”‘party vendor, exposed personal details. Vimeo confirmed a data breach after the ShinyHunters gang stole personal information of 119,000 users in April 2026. According to Have I Been Pwned, the attackers accessed user data through a compromise at Anodot, a third”‘party…
-
Google AppSheet Abuse Helped Phish 30,000 Facebook Accounts
Hackers abused Google AppSheet to send Meta phishing emails, compromising 30,000 Facebook business accounts across 50 countries. The post Google AppSheet Abuse Helped Phish 30,000 Facebook Accounts appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-google-appsheet-facebook-phishing-accountdumpling/
-
DAEMON Tools trojanized in supply-chain attack to deploy backdoor
Hackers trojanized installers for the DAEMON Tools software and since April 8, delivered a backdoor to thousands of systems that downloaded the product from the official website. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/daemon-tools-trojanized-in-supply-chain-attack-to-deploy-backdoor/
-
Vimeo confirms breach via third-party vendor impacts 119K users
Hackers stole data of 119,000 Vimeo users in April. The breach, linked to a third”‘party vendor, exposed personal details. Vimeo confirmed a data breach after the ShinyHunters gang stole personal information of 119,000 users in April 2026. According to Have I Been Pwned, the attackers accessed user data through a compromise at Anodot, a third”‘party…
-
Google AppSheet Abuse Helped Phish 30,000 Facebook Accounts
Hackers abused Google AppSheet to send Meta phishing emails, compromising 30,000 Facebook business accounts across 50 countries. The post Google AppSheet Abuse Helped Phish 30,000 Facebook Accounts appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-google-appsheet-facebook-phishing-accountdumpling/
-
DAEMON Tools trojanized in supply-chain attack to deploy backdoor
Hackers trojanized installers for the DAEMON Tools software and since April 8, delivered a backdoor to thousands of systems that downloaded the product from the official website. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/daemon-tools-trojanized-in-supply-chain-attack-to-deploy-backdoor/
-
Kaspersky suspects Chinese hackers planted a backdoor into Daemon Tools in ‘widespread’ attack
The cybersecurity company says it’s seen thousands of infection attempts, and at least a dozen successful hacks after users installed malicious versions of the popular Windows software. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/05/kaspersky-suspects-chinese-hackers-planted-a-backdoor-into-daemon-tools-in-widespread-attack/
-
Hackers steal students’ data during breach at education tech giant Instructure
The data breach at education tech giant Instructure includes students’ private data, according to a sample of the allegedly stolen data seen by TechCrunch. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/05/hackers-steal-students-data-during-breach-at-education-tech-giant-instructure/
-
North Korean APT Targets Yanbian Gamers via Trojanized Platform
ESET warns that North Korean hackers compromised a Yanbian gaming site in a supply”‘chain attack, trojanizing Windows and Android software to spy on users First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/scarcruft-birdcall-android-yanbian/
-
Hackers Abuse DAEMON Tools Distribution Channel to Deliver Malicious Payloads
A sophisticated supply-chain attack has compromised the official distribution channel for DAEMON Tools, delivering multi-stage malware to users worldwide. Since April 8, 2026, threat actors have distributed trojanized installers signed with legitimate digital certificates to conduct highly targeted cyberespionage operations. Attackers successfully breached the development pipeline of AVB Disc Soft, the creators of the widely…
-
Educational company Instructure reports cyber incident
By Saturday, Infrastructure’s chief information security officer Steve Proud confirmed that the hackers gained access to information about users at some educational institutions, including names, email addresses, student ID numbers and messages between users. First seen on therecord.media Jump to article: therecord.media/infrastructure-education-company-canvas-incident
-
Vimeo-Daten nach Angriff auf KI-Dienstleister erbeutet – Hacker fordern von Vimeo Lösegeld für Nutzerdaten
First seen on security-insider.de Jump to article: www.security-insider.de/shiny-hunters-datenleck-vimeo-anodot-a-0bc433776c1e797ffe967ac46011a87c/
-
North Korean hackers trojanize gaming platform to spy on ethnic Koreans in China
A gaming platform built for ethnic Koreans in China has been serving backdoored Windows and Android software to its users since late 2024. The platform, sqgame[.]net, hosts … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/05/china-scarcruft-supply-chain-attack/
-
ScarCruft hackers push BirdCall Android malware via game platform
The North Korean hacker group APT37 has been delivering an Android version of a backdoor called BirdCall in a supply-chain attack through a video game platform. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/scarcruft-hackers-push-birdcall-android-malware-via-game-platform/
-
Unsichtbare Gefahr im BootROM: Warum Ihr Smartphone einen Neustart vortäuschen könnte
Durch die neu entdeckte Qualcomm-Schwachstelle CVE-2026-25262 können Hacker den Secure Boot umgehen und Smartphone-Kameras unbemerkt aktivieren. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/smartphone-vortaeuschen
-
DigiCert Hacked in Screensaver-Based Attack to Fraudulently Obtain EV Code Signing Certificates
DigiCert, a major Certificate Authority, recently suffered a significant security breach where hackers used a malicious screensaver file to steal 60 Extended Validation (EV) Code Signing certificates. These highly trusted certificates were subsequently used to sign the >>Zhong Stealer<< malware, allowing the malicious files to bypass security warnings by appearing as legitimate software. The incident…
-
Small Defense Firms Lack Network Data to Stop Nation-State Hackers, Analyst Says
Team Cymru’s Stephen Campbell warned that small US defense contractors are not well prepared to face cyber intrusions through edge devices First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/small-defense-firms-lack-network/
-
Weaver E-cology critical bug exploited in attacks since March
Hackers have been exploiting a critical vulnerability (CVE-2026-22679) in the Weaver E-cology office automation since mid-March to run discovery commands. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/weaver-e-cology-critical-bug-exploited-in-attacks-since-march/
-
Hackers are mass-exploiting the cPanel bug to gain control of thousands of websites
Days after the disclosure of a critical vulnerability in popular web hosting software cPanel and WHM, hackers are now targeting and hacking thousands of vulnerable websites. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/04/hackers-are-still-exploiting-the-cpanel-bug-to-gain-control-of-thousands-of-websites/
-
Hackers target governments and MSPs via critical cPanel flaw CVE-2026-41940
Attackers exploit a critical cPanel flaw to target government and MSP networks across Southeast Asia and several countries, including the U.S. and Canada. A threat actor is exploiting critical cPanel vulnerability CVE-2026-41940 to target government and military organizations in Southeast Asia, along with MSPs and hosting providers in countries like the Philippines, Laos, Canada, South…
-
How Mythos Signals Cybersecurity Disruption
Tags: access, ai, attack, banking, browser, business, cybersecurity, data, exploit, finance, government, hacker, healthcare, infrastructure, microsoft, open-source, risk, software, technology, tool, update, vulnerability, zero-dayWhat is Mythos Mythos is Anthropic’s latest AI model, and it is stirring up a tornado of concern in cybersecurity circles. Even before its release, Mythos discovered thousands of new sensitive vulnerabilities in commercial and open-source software, including all major operating systems and web browsers. One was in existence for over 27 years without the industry…
-
Trellix Discloses Source Code Hack
Tags: hackerCompany Says No Evidence So Far That Version Release or Distribution Affected. Trellix disclosed over the weekend that hackers found their way to its source code repository. The company said that investigation so far turned up no evidence that our source code release or distribution process was affected, or that our source code has been…
-
Hackers are still exploiting the cPanel bug to gain control of thousands of websites
Days after the disclosure of a critical vulnerability in popular web hosting software cPanel and WHM, hackers keep targeting and hacking websites. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/04/hackers-are-still-exploiting-the-cpanel-bug-to-gain-control-of-thousands-of-websites/
-
Educational company Infrastructure reports cyber incident
By Saturday, Infrastructure’s chief information security officer Steve Proud confirmed that the hackers gained access to information about users at some educational institutions, including names, email addresses, student ID numbers and messages between users. First seen on therecord.media Jump to article: therecord.media/infrastructure-education-company-canvas-incident
-
Canvas Breach May Put 275M Users, 9,000 Schools at Risk
Instructure confirms a Canvas breach involving user information and messages as hackers claim 275M users and nearly 9,000 schools were affected. The post Canvas Breach May Put 275M Users, 9,000 Schools at Risk appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-canvas-instructure-breach-275m-users/