Tag: hacker
-
Hackers Exploit Delivery Receipts in Messaging Apps to Steal Users’ Private Information
A critical security vulnerability has been discovered affecting billions of WhatsApp and Signal users worldwide. Researchers found that hackers can exploit delivery receipts to secretly monitor user activity, track daily routines, and drain battery life, all without leaving any visible trace.”‹ The attack, called >>Careless Whisper,
-
Hackers Target Developers Using Malicious VS Code and Cursor AI Extensions
Visual Studio Code and AI-powered IDEs such as Cursor AI and Windsurf are emerging as one of the most critical and overlooked attack surfaces in the modern software supply chain. Installed on millions of developer machines worldwide, these tools often run with access to source code, secrets, and production credentials. New research shows that compromising…
-
Hackers Target Developers Using Malicious VS Code and Cursor AI Extensions
Visual Studio Code and AI-powered IDEs such as Cursor AI and Windsurf are emerging as one of the most critical and overlooked attack surfaces in the modern software supply chain. Installed on millions of developer machines worldwide, these tools often run with access to source code, secrets, and production credentials. New research shows that compromising…
-
WatchGuard Firebox Vulnerabilities Let Hackers Skip Integrity Validation and Plant Malicious Code
WatchGuard Technologies has disclosed critical security vulnerabilities affecting its Firebox firewall products that could allow attackers to bypass system integrity checks and execute malicious code. The company released patches on December 4, 2025, addressing six distinct vulnerabilities that pose significant risks to enterprise network security. Multiple WatchGuard Firebox Vulnerabilities One of the most concerning flaws…
-
React2Shell Under Active Exploitation by China-Nexus Hackers
React2Shell (CVE-2025-55182) is under active exploitation by Earth Lamia and Jackpot Panda, risking over two million instances worldwide First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/react2shell-under-active/
-
Hackers Target Developers Using Malicious VS Code and Cursor AI Extensions
Visual Studio Code and AI-powered IDEs such as Cursor AI and Windsurf are emerging as one of the most critical and overlooked attack surfaces in the modern software supply chain. Installed on millions of developer machines worldwide, these tools often run with access to source code, secrets, and production credentials. New research shows that compromising…
-
WatchGuard Firebox Vulnerabilities Let Hackers Skip Integrity Validation and Plant Malicious Code
WatchGuard Technologies has disclosed critical security vulnerabilities affecting its Firebox firewall products that could allow attackers to bypass system integrity checks and execute malicious code. The company released patches on December 4, 2025, addressing six distinct vulnerabilities that pose significant risks to enterprise network security. Multiple WatchGuard Firebox Vulnerabilities One of the most concerning flaws…
-
Offensive security takes center stage in the AI era
Tags: ai, attack, automation, business, ciso, control, credentials, cyber, cybersecurity, data, defense, detection, encryption, framework, hacker, hacking, incident response, intelligence, malicious, offense, phishing, RedTeam, regulation, risk, skills, software, strategy, tactics, technology, threat, tool, vulnerability, vulnerability-management, windowsRed teaming, where ethical hackers simulate real-world attacks to test detection and response capabilities. Red teams aim to emulate threat actors by using stealthy tactics to bypass controls and achieve objectives such as data exfiltration or privilege escalation.Adversary emulation, where security pros re-create known threat actor tactics, techniques, and procedures (TTPs) based on threat intelligence…
-
Offensive security takes center stage in the AI era
Tags: ai, attack, automation, business, ciso, control, credentials, cyber, cybersecurity, data, defense, detection, encryption, framework, hacker, hacking, incident response, intelligence, malicious, offense, phishing, RedTeam, regulation, risk, skills, software, strategy, tactics, technology, threat, tool, vulnerability, vulnerability-management, windowsRed teaming, where ethical hackers simulate real-world attacks to test detection and response capabilities. Red teams aim to emulate threat actors by using stealthy tactics to bypass controls and achieve objectives such as data exfiltration or privilege escalation.Adversary emulation, where security pros re-create known threat actor tactics, techniques, and procedures (TTPs) based on threat intelligence…
-
LockBit 5.0 Infrastructure Exposed as Hackers Leak Critical Server Data
Tags: cyber, cybercrime, cybersecurity, data, data-breach, group, hacker, infrastructure, leak, lockbit, ransomwareSecurity researchers have uncovered critical infrastructure details for the notorious LockBit 5.0 ransomware operation, including the IP address 205.185.116.233 and the domain karma0.xyz, which hosts the group’s latest leak site. The discovery represents a significant operational security failure for the cybercriminal organization. Cybersecurity researcher Rakesh Krishnan first publicized the findings on December 5, 2025, identifying…
-
Don’t use ‘admin’: UK’s top 20 most-used passwords revealed as scams soar
Easy-to-guess words and figures still dominate, alarming cysbersecurity experts and delighting hackersIt is a hacker’s dream. Even in the face of repeated warnings to protect online accounts, a new study reveals that “admin” is the most commonly used password in the UK.The second most popular, “123456”, is also unlikely to keep hackers at bay. <a…
-
Mit eigentlich sauberen Add-ons: Wie Hacker 4,3 Millionen Geräte mit Schadcode infizierten
First seen on t3n.de Jump to article: t3n.de/news/saubere-add-ons-schadcode-1719879/
-
Chinese State Hackers Use New BRICKSTORM Malware Against VMware Systems
CISA, NSA, and Canadian Cyber Centre warn that PRC state-sponsored hackers are using BRICKSTORM, a stealthy Go-based backdoor, for long-term espionage in Government and IT networks. First seen on hackread.com Jump to article: hackread.com/chinese-state-hackers-brickstorm-vmware-systems/
-
China Hackers Using Brickstorm Backdoor to Target Government, IT Entities
Chinese-sponsored groups are using the popular Brickstorm backdoor to access and gain persistence in government and tech firm networks, part of the ongoing effort by the PRC to establish long-term footholds in agency and critical infrastructure IT environments, according to a report by U.S. and Canadian security offices. First seen on securityboulevard.com Jump to article:…
-
Chinese hackers exploiting React2Shell bug impacting countless websites, Amazon researchers say
The bug, tagged as CVE-2025-55182 and referred to colloquially as React2Shell, was reported to Meta by researcher Lachlan Davidson on November 29 and publicly disclosed on Wednesday, when a fix was rolled out. First seen on therecord.media Jump to article: therecord.media/chinese-hackers-exploiting-react2shell-vulnerability-amazon
-
Chinese hackers exploiting React2Shell bug impacting countless websites, Amazon researchers say
The bug, tagged as CVE-2025-55182 and referred to colloquially as React2Shell, was reported to Meta by researcher Lachlan Davidson on November 29 and publicly disclosed on Wednesday, when a fix was rolled out. First seen on therecord.media Jump to article: therecord.media/chinese-hackers-exploiting-react2shell-vulnerability-amazon
-
Chinese Hackers Have Started Exploiting the Newly Disclosed React2Shell Vulnerability
Two hacking groups with ties to China have been observed weaponizing the newly disclosed security flaw in React Server Components (RSC) within hours of it becoming public knowledge.The vulnerability in question is CVE-2025-55182 (CVSS score: 10.0), aka React2Shell, which allows unauthenticated remote code execution. It has been addressed in React versions 19.0.1, 19.1.2, and 19.2.1.According…
-
Beijing-linked hackers are hammering max-severity React bug, AWS warns
State-backed attackers started poking flaw as soon as it dropped anyone still unpatched is on borrowed time First seen on theregister.com Jump to article: www.theregister.com/2025/12/05/aws_beijing_react_bug/
-
China-Nexus Hackers Target VMware vCenter Systems to Deploy Web Shells and Malware Implants
Throughout 2025, CrowdStrike has identified multiple intrusions targeting VMware vCenter environments at U.S.-based entities, in which newly identified China-nexus adversary WARP PANDA deployed BRICKSTORM malware. WARP PANDA exhibits sophisticated technical capabilities, advanced operations security skills, and extensive knowledge of cloud and virtual machine environments. In addition to BRICKSTORM, WARP PANDA has deployed JSP web shells…
-
Hackers Abuse Microsoft Teams Notifications to Launch Callback Phishing Attacks
A sophisticated phishing campaign is targeting users through Microsoft Teams notifications, exploiting the platform’s trusted status to deliver deceptive messages that appear legitimate to both recipients and email security filters. Threat actors are leveraging Teams’ official notification system to send emails from the no-reply@teams.mail.microsoft address, creating a false sense of authenticity that makes detection increasingly difficult. The…
-
Hackers Abuse Microsoft Teams Notifications to Launch Callback Phishing Attacks
A sophisticated phishing campaign is targeting users through Microsoft Teams notifications, exploiting the platform’s trusted status to deliver deceptive messages that appear legitimate to both recipients and email security filters. Threat actors are leveraging Teams’ official notification system to send emails from the no-reply@teams.mail.microsoft address, creating a false sense of authenticity that makes detection increasingly difficult. The…
-
China-Nexus Hackers Exploiting React2Shell Vulnerability in Active Attacks
Within hours of the public disclosure of CVE-2025-55182 on December 3, 2025, Amazon threat intelligence teams detected active exploitation attempts from multiple China-nexus threat groups, including Earth Lamia and Jackpot Panda. This critical vulnerability in React Server Components carries a maximum CVSS score of 10.0 and poses an immediate threat to organizations running vulnerable versions…
-
Hackers Using CastleRAT Malware to Attack Windows Systems and Gain Remote Access
The cybersecurity landscape continues to evolve as threat actors deploy increasingly sophisticated tools to compromise Windows-based infrastructure. CastleRAT, a Remote Access Trojan that emerged around March 2025, represents a significant addition to the malware arsenal that defenders must now contend with. This newly discovered threat demonstrates the convergence of multiple attack techniques, enabling attackers to…
-
Russian Calisto Hackers Target NATO Research with ClickFix Malware
Tags: credentials, cyber, defense, hacker, intelligence, malicious, malware, phishing, russia, service, spear-phishing, threat, ukraineRussian intelligence-linked cyber threat actors have intensified their operations against NATO research organizations, Western defense contractors, and NGOs supporting Ukraine, employing sophisticated phishing and credential harvesting techniques. The Calisto intrusion set, attributed to Russia’s FSB intelligence service, has escalated its spear-phishing campaigns throughout 2025, leveraging the ClickFix malicious code technique to target high-value entities across…
-
Hackers Exploiting ArrayOS AG VPN Vulnerability to Deploy Webshells
A critical command injection vulnerability in Array Networks’ ArrayOS AG systems has become the focus of active exploitation campaigns, with Japanese organizations experiencing confirmed attacks since August 2025. According to alerts from JPCERT/CC, threat actors are leveraged the vulnerability to install webshells and establish persistent network access, marking a significant escalation in targeting enterprise VPN infrastructure. The…
-
Hackers Using CastleRAT Malware to Attack Windows Systems and Gain Remote Access
The cybersecurity landscape continues to evolve as threat actors deploy increasingly sophisticated tools to compromise Windows-based infrastructure. CastleRAT, a Remote Access Trojan that emerged around March 2025, represents a significant addition to the malware arsenal that defenders must now contend with. This newly discovered threat demonstrates the convergence of multiple attack techniques, enabling attackers to…
-
China-Nexus Hackers Target VMware vCenter Systems to Deploy Web Shells and Malware Implants
Throughout 2025, CrowdStrike has identified multiple intrusions targeting VMware vCenter environments at U.S.-based entities, in which newly identified China-nexus adversary WARP PANDA deployed BRICKSTORM malware. WARP PANDA exhibits sophisticated technical capabilities, advanced operations security skills, and extensive knowledge of cloud and virtual machine environments. In addition to BRICKSTORM, WARP PANDA has deployed JSP web shells…
-
Bybit-Hack: Berüchtigter Hacker fängt sich selbst Malware ein
Ein am großen Bybit-Hack beteiligter nordkoreanischer Hacker hat sein eigenes System wohl versehentlich mit Malware infiziert. Nun ist mehr über ihn bekannt. First seen on golem.de Jump to article: www.golem.de/news/bybit-hack-beruechtigter-hacker-faengt-sich-selbst-malware-ein-2512-202958.html