Tag: hacker
-
Iran’s cyber threat may be less ‘shock and awe’ than ‘low and slow,’ officials say
Officials and experts believe the most likely threat from Iranian hackers is not a digital shock-and-awe campaign, but something quieter: opportunistic intrusions, dressed up to look bigger than they are. First seen on therecord.media Jump to article: therecord.media/iran-cyber-warfare-haugh
-
TDL 020 – Why DNS Is Your First Line of Cyber Defense – Chris Buijs
Tags: access, attack, automation, business, cisco, ciso, cloud, container, corporate, country, cyber, cybersecurity, data, ddos, defense, dns, encryption, endpoint, finance, firewall, group, hacker, ibm, infrastructure, Internet, iot, jobs, malicious, microsoft, network, office, phone, programming, router, saas, service, software, startup, strategy, switch, technology, threat, tool, training, update, usa, vulnerability, zero-trustIn Episode 20 of The Defender’s Log, host David Redekop sits down with Amsterdam-based tech veteran Chris Buijs to discuss the often-overlooked backbone of internet security: DNS (Domain Name System). The “Set-it-and-Forget-it” Trap Buijs, who transitioned from an electrician to a network architect, notes that many organizations treat DNS as a “utility” rather than a…
-
TDL 020 – Why DNS Is Your First Line of Cyber Defense – Chris Buijs
Tags: access, attack, automation, business, cisco, ciso, cloud, container, corporate, country, cyber, cybersecurity, data, ddos, defense, dns, encryption, endpoint, finance, firewall, group, hacker, ibm, infrastructure, Internet, iot, jobs, malicious, microsoft, network, office, phone, programming, router, saas, service, software, startup, strategy, switch, technology, threat, tool, training, update, usa, vulnerability, zero-trustIn Episode 20 of The Defender’s Log, host David Redekop sits down with Amsterdam-based tech veteran Chris Buijs to discuss the often-overlooked backbone of internet security: DNS (Domain Name System). The “Set-it-and-Forget-it” Trap Buijs, who transitioned from an electrician to a network architect, notes that many organizations treat DNS as a “utility” rather than a…
-
New ‘Pack2TheRoot’ flaw gives hackers root Linux access
A new vulnerability dubbed Pack2TheRoot could be exploited in the PackageKit daemon to allow local Linux users to install or remove system packages and gain root permissions. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-pack2theroot-flaw-gives-hackers-root-linux-access/
-
Hackers Exploit Agent ID Administrator Role to Hijack Service Principals
A severe scoping vulnerability was recently discovered in Microsoft Entra ID’s new Agent Identity Platform. The security flaw allowed users assigned the Agent ID Administrator role to hijack arbitrary service principals across an organization’s tenant, leading to potential privilege escalation. Although the administrative role was designed strictly to manage AI agent identities, a boundary breakdown…
-
Fake CAPTCHA Scam Triggers Costly SMS Fraud
Hackers are abusing fake CAPTCHA pages to run a silent but lucrative international SMS fraud scheme, turning routine “prove you’re human” checks into a revenue engine built on international revenue share fraud (IRSF). Attackers set up lookalike and scam domains that eventually redirect victims through a traffic distribution system (TDS) to a fake CAPTCHA page.…
-
French Police Arrest HexDex Hacker Over Mass Data Theft and Leaks
French police arrest HexDex hacker, a 20-year-old suspect accused of mass data theft and leaks targeting government, sports groups, and firms. First seen on hackread.com Jump to article: hackread.com/french-police-arrest-hexdex-hacker-data-leak-leaks/
-
Hackers Exploit Pastebin PowerShell Script to Hijack Telegram Sessions
Hackers are experimenting with a new Telegram”‘focused session stealer that hides in a Pastebin”‘hosted PowerShell script posing as a Windows telemetry update, giving defenders a rare view into how such tools are built and tested. The script does not attempt to grab passwords or browser credentials; instead, it focuses entirely on Telegram’s desktop client data…
-
Void Dokkaebi Hackers Spread Malware Through Fake Job Interviews
Void Dokkaebi, also known as Famous Chollima, is expanding its cyber operations by turning fake job interviews into a large-scale malware distribution campaign targeting developers. The campaign begins with attackers posing as recruiters from cryptocurrency or AI companies. Developers are invited to complete coding tests that require cloning and running seemingly legitimate repositories from platforms…
-
Google drafts AI agents to secure systems against AI hackers
Wiz, AI-BOMs, and securing the AI development sprawl: Google has expanded its Wiz portfolio to tackle the chaos of AI development and multi-cloud risk.Wiz is being positioned as the connective tissue across environments, supporting everything from AWS and Azure to SaaS platforms and AI agent studios.”Wiz now supports Databricks as well as new agent studios…
-
China-linked threat actors use consumer device botnets to evade detection, warn UK and partners
UK National Cyber Security Centre (NCSC) warns China-linked hackers use hijacked devices as proxy networks to hide activity and evade detection. UK National Cyber Security Centre (NCSC) and global partners warn that China-linked threat actors now rely on large proxy networks built of hacked consumer devices. Groups control routers, cameras, video recorders, and NAS systems…
-
Hackers Exploit Ollama Model Uploads to Leak Server Data
Cybersecurity researchers have uncovered a severe, unpatched vulnerability in Ollama, a popular open-source platform used for running large language models locally. Tracked as CVE-2026-5757, this critical flaw exists in Ollama’s model quantization engine. If exploited, it allows an unauthenticated attacker to steal sensitive server data by simply uploading a maliciously crafted AI model file. How…
-
Hackers Exploit Ollama Model Uploads to Leak Server Data
Cybersecurity researchers have uncovered a severe, unpatched vulnerability in Ollama, a popular open-source platform used for running large language models locally. Tracked as CVE-2026-5757, this critical flaw exists in Ollama’s model quantization engine. If exploited, it allows an unauthenticated attacker to steal sensitive server data by simply uploading a maliciously crafted AI model file. How…
-
China-Linked Hackers Hide Behind Compromised Routers
Hackers linked to China are increasingly abusing compromised routers and edge devices to build covert networks, enabling stealthy cyber operations that are harder to detect and block. Instead of relying on dedicated servers or purchased hosting, threat actors are now leveraging large-scale botnets made up of hacked small office/home office (SOHO) routers, IoT devices, and…
-
Behörden warnen: Chinesische Hacker kapern massenhaft Router und IoT-Geräte
Die kompromittierten Netzwerkgeräte werden laut Behördenwarnung missbraucht, um darüber Cyberangriffe auszuführen und Traffic zu verschleiern. First seen on golem.de Jump to article: www.golem.de/news/behoerden-warnen-chinesische-hacker-kapern-massenhaft-router-und-iot-geraete-2604-207951.html
-
Hackers Track 900+ React2Shell Exploits via Telegram Bots
Hackers are using Telegram bots and AI tooling to run a structured, at-scale exploitation campaign abusing the critical React2Shell vulnerability (CVE-2025-55182), with evidence of 900+ confirmed compromises. Investigators found an exposed server tied to the Bissa scanner platform, used for multi-victim exploitation, staging, and validation rather than simple data dumping. Logs and project artifacts show…
-
Hackers Exploit SS7 and Diameter Flaws to Track Mobile Users Globally
A recent investigation by Citizen Lab has uncovered sophisticated, multi-year surveillance campaigns exploiting foundational vulnerabilities in global mobile networks. The report, titled >>Bad Connection,<< reveals how suspected commercial surveillance vendors (CSVs) weaponize the SS7 and Diameter signaling protocols to covertly track high-profile individuals across the globe without interacting directly with their devices. These findings underscore…
-
China-Backed Hackers Are Industrializing Botnets
China’s state-backed groups are now using covert networks of compromised devices to execute attacks in a low-cost, low-risk, and deniable way. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/china-hackers-industrializing-botnets
-
Hackers exploit file upload bug in Breeze Cache WordPress plugin
Hackers are actively exploiting a critical vulnerability in the Breeze Cache plugin for WordPress that allows uploading arbitrary files on the server without authentication. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-exploit-file-upload-bug-in-breeze-cache-wordpress-plugin/
-
Hackers exploit file upload bug in Breeze Cache WordPress plugin
Hackers are actively exploiting a critical vulnerability in the Breeze Cache plugin for WordPress that allows uploading arbitrary files on the server without authentication. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-exploit-file-upload-bug-in-breeze-cache-wordpress-plugin/
-
Google drafts AI agents secure systems against AI hackers
Wiz, AI-BOMs, and securing the AI development sprawl: Google has expanded its Wiz portfolio to tackle the chaos of AI development and multi-cloud risk.Wiz is being positioned as the connective tissue across environments, supporting everything from AWS and Azure to SaaS platforms and AI agent studios.”Wiz now supports Databricks as well as new agent studios…
-
Google drafts AI agents secure systems against AI hackers
Wiz, AI-BOMs, and securing the AI development sprawl: Google has expanded its Wiz portfolio to tackle the chaos of AI development and multi-cloud risk.Wiz is being positioned as the connective tissue across environments, supporting everything from AWS and Azure to SaaS platforms and AI agent studios.”Wiz now supports Databricks as well as new agent studios…
-
Google drafts AI agents secure systems against AI hackers
Wiz, AI-BOMs, and securing the AI development sprawl: Google has expanded its Wiz portfolio to tackle the chaos of AI development and multi-cloud risk.Wiz is being positioned as the connective tissue across environments, supporting everything from AWS and Azure to SaaS platforms and AI agent studios.”Wiz now supports Databricks as well as new agent studios…
-
Google drafts AI agents secure systems against AI hackers
Wiz, AI-BOMs, and securing the AI development sprawl: Google has expanded its Wiz portfolio to tackle the chaos of AI development and multi-cloud risk.Wiz is being positioned as the connective tissue across environments, supporting everything from AWS and Azure to SaaS platforms and AI agent studios.”Wiz now supports Databricks as well as new agent studios…
-
Google drafts AI agents secure systems against AI hackers
Wiz, AI-BOMs, and securing the AI development sprawl: Google has expanded its Wiz portfolio to tackle the chaos of AI development and multi-cloud risk.Wiz is being positioned as the connective tissue across environments, supporting everything from AWS and Azure to SaaS platforms and AI agent studios.”Wiz now supports Databricks as well as new agent studios…
-
US, UK agencies warn hackers were hiding on Cisco firewalls long after patches were applied
Investigators found the malware, dubbed Firestarter, on a federal agency’s network in a campaign dating back to at least September 2025. First seen on cyberscoop.com Jump to article: cyberscoop.com/cisco-firestarter-malware-cisa-warning/
-
Hacked Devices Are Gateways for Chinese Nation-State Hackers
Routing Malicious Traffic Through Hacked IoT Devices Is Leading to ‘IoC Extinction’. Networks comprised of hacked domestic devices underpin a mounting number of Chinese nation-state hacking operations, warned British, U.S. and a slew of other national cybersecurity agencies. The networks comprise small office home office routers, IoT equipment and smart devices. First seen on govinfosecurity.com…
-
US agency breached through Cisco vulnerability, FIRESTARTER backdoor allowed access through March
CISA said the unnamed department was infected with malware called “FIRESTARTER” that allowed the hackers to return to the Cisco device in March without re-exploiting the original vulnerabilities. First seen on therecord.media Jump to article: therecord.media/cisa-us-agency-breached-cisco-vulnerability-backdoor