Tag: hacker
-
Hackers Weaponize Velociraptor DFIR for Stealthy C2 and Ransomware Deployment
Tags: access, control, cyber, exploit, hacker, incident response, infrastructure, open-source, ransomware, threat, tool, vulnerability
Threat actors are increasingly weaponizing Velociraptor, a legitimate open-source digital forensics and incident response (DFIR) tool, to establish command-and-control (C2) infrastructure and facilitate ransomware attacks. Huntress analysts have documented multiple incidents spanning September through November 2025 where attackers exploited critical vulnerabilities to gain initial access before deploying Velociraptor for persistent remote access and lateral movement.…
-
‘MuddyWater’ Hackers Target Israeli Orgs With Retro Game Tactic
Iran’s top state-sponsored APT is usually rather crass. But in a recent spate of attacks, it tried out some interesting evasion tactics, including delving into Snake, an old-school mobile game. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/muddywater-hackers-israeli-orgs-retro-game
-
Hackers Disguise Malware as the Cult Game "Snake"
Tags: hacker
Researchers at the European security vendor ESET have investigated a complex cyber campaign by the Iranian group MuddyWater. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/hacker-schadsoftware-snake
-
Hackers Actively Exploit New Windows LNK 0-Day Vulnerability
A newly discovered security flaw in Windows shortcut files is being actively used by hackers to target diplomatic organisations. The vulnerability allows attackers to conceal malicious commands within shortcut files (.lnk), making them invisible to users. The Discovery and Initial Rejection The issue was first highlighted in March 2025 by researchers at Trend Micro. They…
-
How Companies Are Arming Themselves Against New AI Threats
Tags: ai, china, cyberattack, cyersecurity, hacker, hacking, injection, iran, ml, penetration-testing, phishing, risk, tool, vulnerability
AI is not only a tool for hackers; it can also become a danger itself. In the world of cybersecurity there is a fundamental principle that may sound contradictory at first glance: "We hack before cybercriminals get the chance to." To put this into practice and protect production lines or machines, companies such as Siemens rely on two…
-
King Addons flaw lets anyone become WordPress admin
Hackers are exploiting a King Addons flaw (CVE-2025-8489) that lets anyone register and instantly gain admin privileges on WordPress sites. Hackers are exploiting a critical vulnerability, tracked as CVE-2025-8489 (CVSS score of 9.8), in the WordPress plugin King Addons for Elementor that allows unauthenticated users to create admin accounts via a registration privilege bug. King…
-
‘ShadyPanda’ Hackers Weaponize Millions of Browsers
The China-based cyber-threat group has been quietly using malicious extensions on the Google Chrome and Microsoft Edge marketplaces to spy on millions of users. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/shadypanda-hackers-weaponize-browsers
-
The Congressional remedy for Salt Typhoon? More information sharing with industry
A year after Chinese hackers were found in U.S. telecom networks, Congress and federal agencies have taken few concrete actions to stop the next hack. First seen on cyberscoop.com Jump to article: cyberscoop.com/salt-typhoon-senate-commerce-hearing-fcc-telecom-cybersecurity/
-
Iran-linked hackers target Israeli, Egyptian critical infrastructure through phishing campaign
Active between September 2024 and March 2025, the operation primarily targeted organizations in Israel’s technology, engineering, local government, educational and manufacturing sectors. First seen on therecord.media Jump to article: therecord.media/iran-linked-hackers-target-israel-egypt-phishing
-
How Financial Institutions Can Future-Proof Their Security Against a New Breed of Cyber Attackers
As we look at the remainder of 2025 and beyond, the pace and sophistication of cyber attacks targeting the financial sector show no signs of slowing. In fact, based on research from Check Point’s Q2 Ransomware Report, the financial cybersecurity threat landscape is only intensifying. Gone are the days when the average hacker was a..…
-
NK Hackers Push 200 Malicious npm Packages with OtterCookie Malware
North Korean hackers escalated the “Contagious Interview” attack, flooding the npm registry with over 200 malicious packages to install OtterCookie malware. This attack targets blockchain and Web3 developers through fake job interviews and coding tests. First seen on hackread.com Jump to article: hackread.com/nk-hackers-npm-packages-ottercookie-malware/
-
Ukrainian Hackers Target Russian Aerospace and Defense Sectors
Multiple Ukrainian hacktivist groups have launched an extensive spearphishing campaign targeting Russia’s critical aerospace and defence industries, according to a new threat intelligence report by Intrinsec. The coordinated attacks between June and September 2025 represent an escalating cyber warfare strategy aimed at disrupting Russian military capabilities and civilian aviation operations. The campaign involves several prominent…
-
Evilginx Attack Techniques Allow Hackers to Defeat MFA Through SSO Phishing
Tags: attack, authentication, credentials, cyber, framework, hacker, login, mfa, open-source, phishing, threat
A sophisticated threat actor has been conducting a persistent phishing campaign against United States educational institutions since April 2025, leveraging the open-source Evilginx framework to bypass multi-factor authentication (MFA). The campaign, which has targeted at least 18 universities to date, utilizes adversary-in-the-middle (AiTM) techniques to intercept login credentials and session cookies by mimicking legitimate single…
-
Iran-Linked Hackers Hits Israeli Sectors with New MuddyViper Backdoor in Targeted Attacks
Israeli entities spanning academia, engineering, local government, manufacturing, technology, transportation, and utilities sectors have emerged as the target of a new set of attacks undertaken by Iranian nation-state actors that have delivered a previously undocumented backdoor called MuddyViper. The activity has been attributed by ESET to a hacking group known as MuddyWater (aka Mango First seen…
-
Add-ons for Chrome and Edge: 4.3 Million Devices Infected With Malware via Update
Over several years, hackers published initially harmless extensions for Chrome and Edge. But then updates containing malicious code arrived. First seen on golem.de Jump to article: www.golem.de/news/add-ons-fuer-chrome-und-edge-4-3-millionen-geraete-per-update-mit-malware-infiziert-2512-202816.html
-
Iran Hackers Take Inspiration From Snake Video Game
MuddyWater Hides Malware With Game Delay Technique. Iranian nation-state hackers took inspiration from a mobile phone time-killing mainstay, say security researchers who spotted hackers downloading malware masquerading as the Snake video game. A callback to the game isn’t nostalgia, say researchers at Eset. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/iran-hackers-take-inspiration-from-snake-video-game-a-30177
-
OpenVPN Flaws Allow Hackers to Launch DoS Attacks and Bypass Security Checks
Security researchers have uncovered three significant vulnerabilities in OpenVPN, one of the world’s most trusted open-source virtual private network (VPN) solutions. The discovered flaws could allow attackers to crash VPN services, bypass essential security checks, or read sensitive memory data. The OpenVPN development team has released urgent updates to address these issues, and administrators are…
-
Hackers Exploit Telegram, WinSCP, Chrome, and Teams to Deliver ValleyRat Malware
Researchers have uncovered a sophisticated malware campaign where threat actors weaponize trojanized installers for popular productivity applications to deploy ValleyRat, a persistent remote access tool. The operation demonstrates advanced evasion techniques, including kernel-level driver abuse, endpoint security tampering, and multi-stage obfuscation designed to evade detection and establish long-term system compromise. The campaign has been attributed…
-
‘Cyber Issue’ Leads to FDA Recall of Baxter Respiratory Gear
Hackers Could Adjust Life Support Settings of At-Home Life 2000 Ventilation System. The Food and Drug Administration is warning that Life 2000 – an at-home ventilation system by medical device maker Baxter – has been permanently recalled due to a cyber issue that could allow individuals with physical access to tamper with the gear’s life…

