Tag: hacker
-
KI-Agent eskaliert seine Rechte – Hacker können Kundenprojekte in Googles Vertex AI übernehmen
First seen on security-insider.de Jump to article: www.security-insider.de/unit42-kritische-luecke-gcp-vertex-ai-service-accounts-a-e8341154f6fdfaa8d3a1e9d0af42eda5/
-
Vercel Data Breach Linked to Earlier Context.ai Compromise
Hackers breached systems of Vercel, a popular frontend cloud platform provider and Next.js maintainer, in an attack that’s been traced back to the compromise earlier this year of a Context.ai employee’s system. The threat group ShinyHunters is asking for $2 million for the data stolen in yet another attack linked to a third-party provider. First…
-
Vercel Data Breach Linked to Earlier Context.ai Compromise
Hackers breached systems of Vercel, a popular frontend cloud platform provider and Next.js maintainer, in an attack that’s been traced back to the compromise earlier this year of a Context.ai employee’s system. The threat group ShinyHunters is asking for $2 million for the data stolen in yet another attack linked to a third-party provider. First…
-
CVE-2023-33538 under attack for a year, but exploitation still unsuccessful
Hackers have targeted CVE-2023-33538 flaw in old TP-Link routers for a year, but no successful exploitation has been seen so far. Hackers have been trying for over a year to exploit a serious flaw, tracked as CVE-2023-33538 (CVSS score of 8.8), in outdated TP-Link routers, but so far without success. The vulnerability is a command…
-
British Scattered Spider hacker pleads guilty to crypto theft charges
A British man, believed to be the leader of the Scattered Spider cybercrime collective, has pleaded guilty in the United States to charges of wire fraud and aggravated identity theft. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/british-scattered-spider-hacker-pleads-guilty-to-crypto-theft-charges/
-
British Hacker Tyler Buchanan Pleads Guilty to $8M Hacking Scheme in US
Tyler Robert Buchanan, a 24-year-old British hacker linked to Scattered Spider, admits to a multi-year US hacking scheme involving at least $8M in crypto theft. First seen on hackread.com Jump to article: hackread.com/british-hacker-tyler-buchanan-guilty-hacking-scheme/
-
Intel Utility Hijacked in AppDomain Attack to Launch Malware
Hackers are abusing a trusted Intel utility to quietly launch advanced malware by hijacking the .NET AppDomain mechanism, allowing malicious code to run inside a signed executable and evade many enterprise defenses. The campaign, dubbed Operation PhantomCLR by researchers, targets financial and other organizations in the Middle East and wider EMEA region using highly targeted…
-
Hackers exploit Vercel’s trust in AI integration
Allegedly breached by ShinyHunters: According to screenshots circulating on the internet, a threat actor has already claimed the breach on the dark web and is attempting to sell the spoils. “Greetings All, Today I am selling Access Key/ Source Code/ Database from Vercel company,” the actor said in one of such posts. “Give me a…
-
British hacker tied to Scattered Spider campaign pleads guilty in $8M scheme
A British hacker pleaded guilty in U.S. federal court to participating in a sweeping cybercrime campaign that siphoned at least $8 million in cryptocurrency from companies and individuals, federal prosecutors said. First seen on therecord.media Jump to article: therecord.media/hacker-scattered-spider-guilty-plea
-
Iran’s MOIS Tied to Coordinated Cyber Campaign Using Multiple Hacker Personas
A single Iranian state-directed operation is hiding behind several so”‘called “hacktivist” brands, using different online identities to run one coordinated global cyber campaign. New analysis links three prominent personas Homeland Justice, Karma/KarmaBelow80, and Handala to Iran’s Ministry of Intelligence and Security (MOIS), rather than to independent hacktivist groups as they claim. Researchers say these identities act as interchangeable…
-
Zero-Day-Lücken unter Beschuss: Angriffe auf Windows-Systeme beobachtet
Hacker haben drei kürzlich bekanntgewordene Sicherheitslücken im Windows Defender ausgenutzt. Nur für eine davon gibt es bisher einen Patch. First seen on golem.de Jump to article: www.golem.de/news/zero-day-luecken-unter-beschuss-angriffe-auf-windows-systeme-beobachtet-2604-207763.html
-
TBK DVR Vulnerability CVE-2024-3721 Exploited to Spread Nexcorium DDoS Malware
Hackers are actively exploiting a critical vulnerability in TBK digital video recorder (DVR) devices to deploy a new Mirai-based botnet called Nexcorium. The campaign leverages CVE-2024-3721, an OS command injection vulnerability, highlighting how poorly secured IoT devices continue to fuel large-scale distributed denial-of-service (DDoS) attacks. Threat actors exploit CVE-2024-3721 by manipulating the “mdb” and “mdc”…
-
Microsoft-Signed Malware Built With FUD Crypt Packs Persistence and C2
Hackers are abusing a service called FUD Crypt to generate fully undetected, Microsoft”‘signed malware that installs persistence and connects to a dedicated command”‘and”‘control (C2) platform with zero effort on the buyer’s part. This Malware”‘as”‘a”‘Service (MaaS) offering turns ordinary payloads into polymorphic, signed loaders that are extremely hard for both security tools and human analysts to…
-
Cyberangriff auf Vercel: Hacker erbeutet Kundendaten von Cloud-Entwicklerplattform
Ein Hacker ist in interne Systeme von Vercel eingedrungen. Er soll unter anderem Anmeldedaten und Umgebungsvariablen von Kunden erbeutet haben. First seen on golem.de Jump to article: www.golem.de/news/cyberangriff-trifft-vercel-grosse-cloud-entwicklerplattform-gehackt-2604-207757.html
-
MiningDropper Spreads Infostealers, RATs, Banking Malware on Android
Hackers are abusing a modular Android framework called MiningDropper to mine cryptocurrency and silently install infostealers, remote access trojans (RATs), and banking malware on infected devices. MiningDropper is a multi-stage Android dropper that combines crypto-mining with the delivery of additional malware payloads, including banking trojans, RATs such as BTMOB, and credential-stealing spyware. A recent variant is built…
-
Cyberangriff trifft Vercel: Große Cloud-Entwicklerplattform gehackt
Ein Hacker ist in interne Systeme von Vercel eingedrungen. Er soll unter anderem Anmeldedaten und Umgebungsvariablen von Kunden erbeutet haben. First seen on golem.de Jump to article: www.golem.de/news/cyberangriff-trifft-vercel-grosse-cloud-entwicklerplattform-gehackt-2604-207757.html
-
British Hacker Admits Stealing Millions in Virtual Currency From Targeted Companies
A 24-year-old British national, Tyler Robert Buchanan, has pleaded guilty to orchestrating a massive cyberattack campaign that compromised over a dozen U.S. companies and resulted in the theft of at least $8 million in cryptocurrency. According to a Friday announcement from the U.S. Attorney’s Office for the Central District of California, the Scottish hacker admitted…
-
Wie Hacker QEMU als Schutzschild für Ransomware missbrauchen
Hacker haben eine Methode perfektioniert, um unter dem Radar moderner Sicherheitssoftware zu fliegen. Durch den Missbrauch des Open-Source-Emulators QEMU verstecken sie komplette Angriffsszenarien als Ransomware in virtuellen Maschinen. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/hacker-qemu-ransomware-missbrauchen
-
Vercel confirms breach as hackers claim to be selling stolen data
Cloud development platform Vercel has disclosed a security incident after threat actors claimed to have breached its systems and are attempting to sell stolen data. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/vercel-confirms-breach-as-hackers-claim-to-be-selling-stolen-data/
-
Vercel confirms breach as hackers claim to be selling stolen data
Cloud development platform Vercel has disclosed a security incident after threat actors claimed to have breached its systems and are attempting to sell stolen data. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/vercel-confirms-breach-as-hackers-claim-to-be-selling-stolen-data/
-
Cyber attacks fuel surge in cargo theft across logistics industry
Hackers infiltrate logistics firms to steal cargo and divert payments, cyberattacks are linked to organized crime and rising losses. Proofpoint researchers observed crooks targeting trucking and logistics companies, running coordinated remote access campaigns to steal cargo and divert payments. These attacks appear to be linked to organized crime. The findings highlight a growing trend of…
-
Security Affairs newsletter Round 573 by Pierluigi Paganini INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Hidden VMs: how hackers leverage QEMU to stealthily steal data and spread malware Nexcorium Mirai variant…
-
Security Affairs newsletter Round 573 by Pierluigi Paganini INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Hidden VMs: how hackers leverage QEMU to stealthily steal data and spread malware Nexcorium Mirai variant…
-
Hidden VMs: how hackers leverage QEMU to stealthily steal data and spread malware
Tags: control, data, detection, endpoint, hacker, malicious, malware, open-source, ransomware, sophosAttackers abuse QEMU to hide malware in virtual machines, bypass detection, steal data, and deploy ransomware without leaving any trace. Sophos researchers report a rise in attackers abusing QEMU, an open-source emulator, to hide malicious activity inside virtual machines. By running malware in a VM, attackers avoid endpoint security controls and leave minimal traces on…
-
ShowDoc Vulnerability Patched in 2020 Now Used in Active Server Takeovers
Hackers are exploiting a 5-year-old ShowDoc vulnerability (CVE-2025-0520) to deploy web shells, enabling RCE and full server takeover worldwide. First seen on hackread.com Jump to article: hackread.com/showdoc-vulnerability-patch-2020-server-takeover/
-
ShowDoc Vulnerability Patched in 2020 Now Used in Active Server Takeovers
Hackers are exploiting a 5-year-old ShowDoc vulnerability (CVE-2025-0520) to deploy web shells, enabling RCE and full server takeover worldwide. First seen on hackread.com Jump to article: hackread.com/showdoc-vulnerability-patch-2020-server-takeover/
-
Wie Hacker über GitHub-Kommentare KI-Agenten von Google und Anthropic kapern
Ein Sicherheitsforscher hat eine neue Form der Prompt Injection aufgedeckt, die populäre KI-Tools wie Claude Code, Gemini CLI und GitHub Copilot verwundbar macht. Über präparierte Kommentare und PR-Titel können Hacker Schadcode ausführen und sensible API-Schlüssel extrahieren. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/github-kommentare-ki
-
Scattered Spider Hacker Pleads Guilty in US Federal Court
Tyler Buchanan Pleads Guilty to Conspiracy to Commit Wire Fraud and Identity Theft. A senior figure in the Scattered Spider cybercrime group pleaded guilty to one count of conspiracy to commit wire fraud and one count of aggravated identity theft on Friday in US federal district court. The plea marks the conclusion of a digital…
-
Hackers are abusing unpatched Windows security flaws to hack into organizations
A security researcher published details of three security vulnerabilities in Windows Defender, and the code used to exploit them. Now, hackers are taking advantage of the vulnerabilities in real-life attacks, according to a cybersecurity firm. First seen on techcrunch.com Jump to article: techcrunch.com/2026/04/17/hackers-are-abusing-unpatched-windows-security-flaws-to-hack-into-organizations/
-
New Phishing Attack Turns n8n Into On-Demand Malware Machine
Hackers are abusing n8n workflows to deliver malware and evade detection, according to Cisco Talos, using trusted automation to bypass security defenses. The post New Phishing Attack Turns n8n Into On-Demand Malware Machine appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-hackers-abuse-n8n-workflows-malware-delivery/