Tag: hacker
-
Hacker claims to steal 2.3TB data from Italian rail group, Almavia
Data from Italy’s national railway operator, the FS Italiane Group, has been exposed after a threat actor breached the organization’s IT services provider, Almaviva. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hacker-claims-to-steal-23tb-data-from-italian-rail-group-almavia/
-
Cryptohack Roundup: Samourai Execs, Crypto CEO Sentenced
Also: Obama Twitter Hacker Ordered to Forfeit $5.3 Million. Every week, ISMG rounds up cybersecurity incidents in digital assets. This week, Samourai Wallet founders and Oklahoma Crypto CEO sentenced, Obama Twitter hacker ordered to forfeit funds, Chicago crypto ATM CEO charged and White House is reviewing a rule expanding IRS crypto oversight. First seen on…
-
‘Matrix Push’ C2 Tool Hijacks Browser Notifications
Have you ever given two seconds of thought to a browser notification? No? That’s what hackers bent on phishing are counting on. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/matrix-push-c2-tool-hijacks-browser-notifications-phishing
-
UK’s new cybersecurity bill takes aim at ransomware gangs and state-backed hackers
After years of delays, the UK government has finally introduced landmark cybersecurity legislation that could reshape how British organisations defend against digital attacks. First seen on fortra.com Jump to article: www.fortra.com/blog/uks-new-cybersecurity-bill-takes-aim-ransomware-gangs-state-backed-hackers
-
Cisco Pledges More Security in Network Equipment
Company to Warn Customers, Disable Insecure Options by Default. Cisco says it will proactively alert network administrators when insecure configurations are detected and will eventually disable insecure features by default. The move comes after Chinese hackers exploited known vulnerabilities in Cisco equipment during major telecom breaches. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/cisco-pledges-more-security-in-network-equipment-a-30079
-
Cisco Pledges More Security in Network Equipment
Company to Warn Customers, Disable Insecure Options by Default. Cisco says it will proactively alert network administrators when insecure configurations are detected and will eventually disable insecure features by default. The move comes after Chinese hackers exploited known vulnerabilities in Cisco equipment during major telecom breaches. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/cisco-pledges-more-security-in-network-equipment-a-30079
-
New SonicWall SonicOS flaw allows hackers to crash firewalls
American cybersecurity company SonicWall urged customers today to patch a high-severity SonicOS SSLVPN security flaw that can allow attackers to crash vulnerable firewalls. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-sonicwall-sonicos-flaw-allows-hackers-to-crash-firewalls/
-
ThreatsDay Bulletin: 0-Days, LinkedIn Spies, Crypto Crimes, IoT Flaws and New Malware Waves
This week has been crazy in the world of hacking and online security. From Thailand to London to the US, we’ve seen arrests, spies at work, and big power moves online. Hackers are getting caught. Spies are getting better at their jobs. Even simple things like browser add-ons and smart home gadgets are being used…
-
New Sturnus Android Trojan Quietly Captures Encrypted Chats and Hijacks Devices
Cybersecurity researchers have disclosed details of a new Android banking trojan called Sturnus that enables credential theft and full device takeover to conduct financial fraud.”A key differentiator is its ability to bypass encrypted messaging,” ThreatFabric said in a report shared with The Hacker News. “By capturing content directly from the device screen after decryption, Sturnus…
-
Smashing Security podcast #444: We’re sorry. Wait, did a company actually say that?
Stop the press – a company has actually said “sorry” after a data breach, and hotels are helping hackers phish their own guests. First seen on grahamcluley.com Jump to article: grahamcluley.com/smashing-security-podcast-444/
-
Smashing Security podcast #444: We’re sorry. Wait, did a company actually say that?
Stop the press – a company has actually said “sorry” after a data breach, and hotels are helping hackers phish their own guests. First seen on grahamcluley.com Jump to article: grahamcluley.com/smashing-security-podcast-444/
-
Critical Twonky Server Flaws Let Hackers Bypass Login Protection
Tags: api, authentication, control, credentials, cyber, encryption, endpoint, flaw, hacker, leak, login, password, vulnerabilityTwonky Server version 8.5.2 contains two critical authentication bypass vulnerabilities that allow unauthenticated attackers to steal administrator credentials and take complete control of the media server. Security researchers at Rapid7 discovered that an attacker can leak encrypted admin passwords through an unprotected API endpoint, then decrypt them using hardcoded encryption keys embedded directly in the…
-
Hackers Launch 2.3 Million Attacks on Palo Alto GlobalProtect VPN Portals
Security researchers at GreyNoise have uncovered a massive spike in cyberattacks targeting Palo Alto Networks GlobalProtect VPN systems. The assault began on November 14, 2025, and quickly escalated into a coordinated campaign striking millions of login portals worldwide. Massive Attack Surge in Just 24 Hours The attack intensity surged 40-fold in a single day, marking…
-
Ollama Flaws Let Hackers Run Any Code Using Malicious Model Files
Critical security vulnerabilities discovered in Ollama, one of GitHub’s most popular open-source projects with over 155,000 stars, could allow attackers to execute arbitrary code on vulnerable systems. The flaws affect Ollama versions before 0.7.0, putting countless AI enthusiasts and developers who use the platform to run large language models locally at risk. Understanding the Vulnerability…
-
Hackers Launch 2.3 Million Attacks on Palo Alto GlobalProtect VPN Portals
Security researchers at GreyNoise have uncovered a massive spike in cyberattacks targeting Palo Alto Networks GlobalProtect VPN systems. The assault began on November 14, 2025, and quickly escalated into a coordinated campaign striking millions of login portals worldwide. Massive Attack Surge in Just 24 Hours The attack intensity surged 40-fold in a single day, marking…
-
7-Zip RCE Vulnerability Actively Exploited by Hackers
Tags: cve, cvss, cyber, cybersecurity, exploit, flaw, hacker, malicious, rce, remote-code-execution, risk, software, vulnerabilityCybersecurity researchers have reported active exploitation of a critical vulnerability in 7-Zip, the popular file compression software used by millions worldwide. The flaw, tracked as CVE-2025-11001, poses serious risks as attackers are leveraging it to execute malicious code remotely on vulnerable systems. Vulnerability Details CVE ID Vulnerability Type CVSS Score Affected Product CVE-2025-11001 File Parsing…
-
Iran-Linked Hackers Mapped Ship AIS Data Days Before Real-World Missile Strike Attempt
Threat actors with ties to Iran engaged in cyber warfare as part of efforts to facilitate and enhance physical, real-world attacks, a trend that Amazon has called cyber-enabled kinetic targeting.The development is a sign that the lines between state-sponsored cyber attacks and kinetic warfare are increasingly blurring, necessitating the need for a new category of…
-
Attack Surface Management ein Kaufratgeber
Tags: ai, api, attack, business, cloud, crowdstrike, cyber, cyberattack, cybersecurity, data, detection, dns, framework, hacker, hacking, HIPAA, incident response, infrastructure, intelligence, Internet, microsoft, monitoring, network, open-source, PCI, penetration-testing, risk, service, soc, software, supply-chain, threat, tool, update, vulnerabilityMit diesen Attack Surface Management Tools sorgen Sie im Idealfall dafür, dass sich Angreifer gar nicht erst verbeißen.Regelmäßige Netzwerk-Scans reichen für eine gehärtete Angriffsfläche nicht mehr aus. Um die Sicherheit von Unternehmensressourcen und Kundendaten zu gewährleisten, ist eine kontinuierliche Überwachung auf neue Ressourcen und Konfigurationsabweichungen erforderlich. Werkzeuge im Bereich Cyber Asset Attack Surface Management (CAASM)…
-
How the classic anime ‘Ghost in the Shell’ predicted the future of cybersecurity 30 years ago
The story of the Ghost in the Shell’s main villain the Puppet Master hinted at a future where governments use hackers for espionage, at a time when most of the world had never connected to the internet. First seen on techcrunch.com Jump to article: techcrunch.com/2025/11/19/how-the-classic-anime-ghost-in-the-shell-predicted-the-future-of-cybersecurity-30-years-ago/
-
Chinese PlushDaemon Hackers Exploit EdgeStepper Tool to Hijack Legitimate Updates and Redirect to Malicious Servers
ESET researchers have uncovered a sophisticated attack chain orchestrated by the China-aligned threat actor PlushDaemon, revealing how the group leverages a previously undocumented network implant, EdgeStepper, to conduct adversary-in-the-middle attacks. By compromising network devices and redirecting DNS queries to malicious servers, PlushDaemon intercepts legitimate software updates and replaces them with trojanized versions containing the SlowStepper…
-
Hackers Exploit Tuoni C2 Framework to Stealthily Deploy In-Memory Payloads
In October 2025, Morphisec’s anti-ransomware prevention platform detected and neutralized a sophisticated cyberattack targeting a major U.S. real estate company. The campaign showcased the emerging threat posed by the Tuoni C2 framework a free, modular command-and-control tool designed to deliver stealthy, in-memory payloads while evading traditional security defenses. What made this attack particularly notable was the…
-
Hackers Exploit Tuoni C2 Framework to Stealthily Deploy In-Memory Payloads
In October 2025, Morphisec’s anti-ransomware prevention platform detected and neutralized a sophisticated cyberattack targeting a major U.S. real estate company. The campaign showcased the emerging threat posed by the Tuoni C2 framework a free, modular command-and-control tool designed to deliver stealthy, in-memory payloads while evading traditional security defenses. What made this attack particularly notable was the…
-
Hacker Selling Alleged Samsung Medison Data Stolen In 3rd Party Breach
Hacker using the alias 888, claims to be selling Samsung Medison data taken through a third party breach, including internal files, keys and user info. First seen on hackread.com Jump to article: hackread.com/hacker-samsung-medison-data-breach-3rd-party/
-
Hackers Actively Exploiting 7-Zip Symbolic LinkBased RCE Vulnerability (CVE-2025-11001)
A recently disclosed security flaw impacting 7-Zip has come under active exploitation in the wild, according to an advisory issued by the U.K. NHS England Digital on Tuesday.The vulnerability in question is CVE-2025-11001 (CVSS score: 7.0), which allows remote attackers to execute arbitrary code. It has been addressed in 7-Zip version 25.00 released in July…
-
Asus Routers Hacked in ‘WrtHug’ Campaign
Researchers Suspect a Chinese ROB-Building Operation. Suspected Chinese cyberespionage hackers have commandeered tens of thousands of Asus routers in an operation showing a heavy emphasis on infecting devices stationed in Taiwan. The campaign tracks with reports that Beijing is actively pressing unpatched routers into ORB networks. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/asus-routers-hacked-in-wrthug-campaign-a-30064
-
Datenpanne bei Eurofiber France
Tags: access, bug, cloud, computer, cyberattack, data-breach, group, hacker, infrastructure, mail, software, sql, vpnDer TK-Anbieter Eurofiber France ist von Datendiebstahl betroffen.Der TK-Konzern Eurofiber Group hat sich auf die digitale Infrastruktur von Unternehmen spezialisiert und betreibt ein Glasfasernetz in den Niederlanden, Belgien, Frankreich und Deutschland. Die Tochtergesellschaft Eurofiber France meldete kürzlich, dass sich Hacker über eine Software-Lücke Zugriff auf das Ticket-Management-System verschafft hätten.Demnach wurden dabei auch Daten abgezogen. Um…
-
PlushDaemon Hackers Unleash New Malware in China-Aligned Spy Campaigns
The cyber espionage group uses a previously undocumented network implant to drop two downloaders, LittleDaemon and DaemonLogistics, which deliver a backdoor First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/plushdaemon-new-malware-china-spy/
-
Sue The Hackers Google Sues Over Phishing as a Service
Google’s Lighthouse lawsuit signals a new era in cybersecurity, where companies use civil litigation”, including the CFAA, Lanham Act, and RICO”, to dismantle phishing networks, seize malicious infrastructure, and fight hackers when criminal prosecution falls short. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/sue-the-hackers-google-sues-over-phishing-as-a-service/
-
Sue The Hackers Google Sues Over Phishing as a Service
Google’s Lighthouse lawsuit signals a new era in cybersecurity, where companies use civil litigation”, including the CFAA, Lanham Act, and RICO”, to dismantle phishing networks, seize malicious infrastructure, and fight hackers when criminal prosecution falls short. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/sue-the-hackers-google-sues-over-phishing-as-a-service/