Tag: hacker
-
Critical CVE-2025-59367 flaw lets hackers access ASUS DSL routers remotely
ASUS fixed a critical auth-bypass flaw (CVE-2025-59367) in DSL routers that let remote, unauthenticated attackers access devices with ease. ASUS patched a critical auth-bypass flaw, tracked as CVE-2025-59367 (CVSS score of 9.3), in multiple DSL routers that allows remote, unauthenticated attackers to easily access unpatched devices. The vulnerability impacts DSL-AC51, DSL-N16, DSL-AC750 router families, the…
-
Chinese state hackers used Anthropic AI systems in dozens of attacks
Artificial intelligence giant Anthropic found that a Chinese espionage group used the company’s AI systems to handle the majority of tasks during cyberattacks on about 30 entities, several of which were successfully breached. First seen on therecord.media Jump to article: therecord.media/chinese-hackers-anthropic-cyberattacks
-
North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels
The North Korean threat actors behind the Contagious Interview campaign have once again tweaked their tactics by using JSON storage services to stage malicious payloads.”The threat actors have recently resorted to utilizing JSON storage services like JSON Keeper, JSONsilo, and npoint.io to host and deliver malware from trojanized code projects, with the lure,” NVISO researchers…
-
Chinese State Hackers Jailbroke Claude AI Code for Automated Breaches
Anthropic, the developer behind Claude AI, says a Chinese state sponsored group used its model to automate most of a cyber espionage operation against about 30 companies with Claude handling up to 90% of the technical work. First seen on hackread.com Jump to article: hackread.com/chinese-hackers-jailbroke-claude-ai-breaches/
-
Checkout.com snubs hackers after data breach, to donate ransom instead
UK financial technology company Checkout announced that the ShinyHunters threat group has breached one of its legacy cloud storage systems and is now extorting the company for a ransom. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/checkoutcom-snubs-shinyhunters-hackers-to-donate-ransom-instead/
-
Checkout.com snubs hackers after data breach, to donate ransom instead
UK financial technology company Checkout announced that the ShinyHunters threat group has breached one of its legacy cloud storage systems and is now extorting the company for a ransom. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/checkoutcom-snubs-shinyhunters-hackers-to-donate-ransom-instead/
-
Suspected Russian hacker reportedly detained in Thailand, faces possible US extradition
Russian news reports and Thai sources said police had detained an alleged Russian hacker on the island of Phuket and transferred him to Bangkok for possible transfer to the U.S. First seen on therecord.media Jump to article: therecord.media/russian-hacker-detained-thailand-possible-us-extradition
-
Iranian Hackers Launch ‘SpearSpecter’ Spy Operation on Defense & Government Targets
The Iranian state-sponsored threat actor known as APT42 has been observed targeting individuals and organizations that are of interest to the Islamic Revolutionary Guard Corps (IRGC) as part of a new espionage-focused campaign.The activity, detected in early September 2025 and assessed to be ongoing, has been codenamed SpearSpecter by the Israel National Digital Agency (INDA).”The…
-
Anthropic Claude AI Used by Chinese-Back Hackers in Spy Campaign
AI vendor Anthropic says a China-backed threat group used the agentic capabilities in its Claude AI model to automate as much as 90% of the operations in a info-stealing campaign that presages how hackers will used increasingly sophisticated AI capabilities in future cyberattacks. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/anthropic-claude-ai-used-by-chinese-back-hackers-in-spy-campaign/
-
Anthropic: China-Based Hackers Used Claude to Automate Global Cyberattack
Chinese state-backed hackers hijacked Anthropic’s Claude AI to run an autonomous global cyberattack, marking a major shift in AI-driven cyberwarfare. The post Anthropic: China-Based Hackers Used Claude to Automate Global Cyberattack appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-anthropic-china-hackers-claude/
-
Anthropic Claude AI Used by Chinese-Back Hackers in Spy Campaign
AI vendor Anthropic says a China-backed threat group used the agentic capabilities in its Claude AI model to automate as much as 90% of the operations in a info-stealing campaign that presages how hackers will used increasingly sophisticated AI capabilities in future cyberattacks. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/anthropic-claude-ai-used-by-chinese-back-hackers-in-spy-campaign/
-
Hackers Exploit Rogue MCP Server to Inject Malicious Code into Cursor’s Built-In Browser
Security researchers have uncovered a critical vulnerability in Cursor, the AI-powered code editor, that allows attackers to inject malicious code through rogue Model Context Protocol (MCP) servers. Unlike VS Code, Cursor lacks integrity checks on its runtime components, making it vulnerable to tampering through MCP server registration. The attack works by registering a local MCP…
-
Nach Cyberangriff: Zahlungsdienstleister trickst Hacker mit einer Spende aus
Ein Cyberangriff hat den Zahlungsdienstleister Checkout.com getroffen. Dieser zahlt das Lösegeld – allerdings nicht an die Angreifer. First seen on golem.de Jump to article: www.golem.de/news/fuer-cybercrime-forschung-dienstleister-spendet-von-hackern-gefordertes-loesegeld-2511-202195.html
-
Chinese Hackers Automate Cyber-Attacks With AI-Powered Claude Code
Anthropic’s Claude Code AI assistant performed 80% to 90% of the tasks involved in a recent cyber-attack campaign, said Anthropic researchers First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/chinese-hackers-cyberattacks-ai/
-
Fighting AI with AI: Adversarial bots vs. autonomous threat hunters
Tags: access, ai, attack, automation, backup, breach, bug-bounty, cloud, credentials, cyber, cybersecurity, data, defense, endpoint, exploit, hacker, healthcare, identity, infrastructure, Internet, iot, least-privilege, malicious, network, phishing, startup, technology, threat, tool, update, vpn, vulnerability, zero-dayWhile there’s no doubt AI holds great potential for cybersecurity, in practice, it’s mainly being used to automate what we’re already doing. For companies to stand a chance, we need new approaches to AI-powered defense, not optimized ones. Attackers already have systemic advantages that AI amplifies dramatically. While there are some great examples of how…
-
Fighting AI with AI: Adversarial bots vs. autonomous threat hunters
Tags: access, ai, attack, automation, backup, breach, bug-bounty, cloud, credentials, cyber, cybersecurity, data, defense, endpoint, exploit, hacker, healthcare, identity, infrastructure, Internet, iot, least-privilege, malicious, network, phishing, startup, technology, threat, tool, update, vpn, vulnerability, zero-dayWhile there’s no doubt AI holds great potential for cybersecurity, in practice, it’s mainly being used to automate what we’re already doing. For companies to stand a chance, we need new approaches to AI-powered defense, not optimized ones. Attackers already have systemic advantages that AI amplifies dramatically. While there are some great examples of how…
-
Chinese Hackers Use Anthropic’s AI to Launch Automated Cyber Espionage Campaign
State-sponsored threat actors from China used artificial intelligence (AI) technology developed by Anthropic to orchestrate automated cyber attacks as part of a “highly sophisticated espionage campaign” in mid-September 2025.”The attackers used AI’s ‘agentic’ capabilities to an unprecedented degree using AI not just as an advisor, but to execute the cyber attacks themselves,” the AI upstart…
-
Hackers Exploited Cisco ISE Zero-Day
Tags: access, authentication, cisco, control, exploit, flaw, hacker, hacking, network, remote-code-execution, software, vulnerability, zero-dayFlaw Enabled Remote Code Execution, Say AWS Researchers. Researchers from AWS said they spotted a hacking campaign taking advantage of a zero-day vulnerability in Cisco network access control software before the routing giant patched it earlier this year. The flaw let attackers perform pre-authentication remote code execution. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/hackers-exploited-cisco-ise-zero-day-a-30031
-
Feds Fumble Cisco Patches as China-Linked Hackers Strike
CISA Says Agencies Believed They Patched Cisco Flaws But Had Not. The U.S. cyber defense agency issued new patch guidance after discovering multiple federal agencies failed to properly secure Cisco firewalls, leaving federal networks exposed to exploitation by a suspected Chinese threat actor despite a prior emergency directive. First seen on govinfosecurity.com Jump to article:…
-
Breach Roundup: UK Probes Chinese-Made Electric Buses
Also, North Korean Hackers Remotely Wipe Android Devices. This week, the U.K. government probed Chinese electric buses for a kill switch, APT37 abused Google’s Find Hub in South Korea, Conduent said its January hack will cost it more, Hyundai disclosed a breach and Patch Tuesday. OWASP added two new categories to its Top 10 web…
-
Dangerous runC Flaws Could Allow Hackers to Escape Docker Containers
New runC vulnerabilities allow potential container escapes and host takeover, putting Docker, Kubernetes, and cloud-native environments at risk. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/runc-vulnerability-container-risk/
-
Russian Hackers Create 4,300 Fake Travel Sites to Steal Hotel Guests’ Payment Data
A Russian-speaking threat behind an ongoing, mass phishing campaign has registered more than 4,300 domain names since the start of the year.The activity, per Netcraft security researcher Andrew Brandt, is designed to target customers of the hospitality industry, specifically hotel guests who may have travel reservations with spam emails. The campaign is said to have…
-
Kerberoasting in 2025: How to protect your service accounts
Kerberoasting attacks let hackers steal service account passwords and escalate to domain admin, often without triggering alerts. Specops Software shares how auditing AD passwords, enforcing long unique credentials, and using AES encryption can shut these attacks down early. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/kerberoasting-in-2025-how-to-protect-your-service-accounts/
-
Hackers Infiltrate npm Registry with 43,000 Spam Packages, Linger for Nearly Two Years
Security researcher Paul McCarty has uncovered a massive coordinated spam campaign targeting the npm ecosystem. The IndonesianFoods worm, comprising over 43,000 malicious packages published across at least 11 user accounts, remained active in the registry for nearly two years before detection. The campaign derives its distinctive name from its unique package naming scheme. The embedded…
-
ThreatsDay Bulletin: Cisco 0-Days, AI Bug Bounties, Crypto Heists, State-Linked Leaks and 20 More Stories
Behind every click, there’s a risk waiting to be tested. A simple ad, email, or link can now hide something dangerous. Hackers are getting smarter, using new tools to sneak past filters and turn trusted systems against us.But security teams are fighting back. They’re building faster defenses, better ways to spot attacks, and stronger systems…
-
Nach Phishing-Angriff auf Android-User: Hacker nutzen Googles Find Hub, um ihre Spuren zu verschleiern
First seen on t3n.de Jump to article: t3n.de/news/phishing-angriff-android-hacker-find-hub-ausnutzen-1716406/
-
Ticketshop infiltriert: Hacker erbeutet Kreditkartendaten von Miniatur Wunderland
Das Miniatur Wunderland Hamburg ist Ziel einer Cyberattacke geworden. Der Angreifer konnte wohl vollständige Kreditkartendaten abgreifen. First seen on golem.de Jump to article: www.golem.de/news/ticketshop-infiltriert-hacker-erbeutet-kreditkartendaten-von-miniatur-wunderland-2511-202128.html
-
Hackers Using RMM Tools LogMeIn and PDQ Connect to Deploy Malware as Legitimate Software
Tags: attack, backdoor, cyber, cybersecurity, data, hacker, intelligence, malware, monitoring, software, theft, toolCybersecurity researchers at AhnLab Security Intelligence Center (ASEC) have uncovered a sophisticated attack campaign leveraging legitimate Remote Monitoring and Management (RMM) tools to deploy backdoor malware on unsuspecting users’ systems. The attacks abuse LogMeIn Resolve (GoTo Resolve) and PDQ Connect, transforming trusted administrative tools into weapons for data theft and remote system compromise. While the…
-
Google Sues China-Based Hackers Behind $1 Billion Lighthouse Phishing Platform
Google has filed a civil lawsuit in the U.S. District Court for the Southern District of New York (SDNY) against China-based hackers who are behind a massive Phishing-as-a-Service (PhaaS) platform called Lighthouse that has ensnared over 1 million users across 120 countries.The PhaaS kit is used to conduct large-scale SMS phishing attacks that exploit trusted…
-
Hackers Using RMM Tools LogMeIn and PDQ Connect to Deploy Malware as Legitimate Software
Tags: attack, backdoor, cyber, cybersecurity, data, hacker, intelligence, malware, monitoring, software, theft, toolCybersecurity researchers at AhnLab Security Intelligence Center (ASEC) have uncovered a sophisticated attack campaign leveraging legitimate Remote Monitoring and Management (RMM) tools to deploy backdoor malware on unsuspecting users’ systems. The attacks abuse LogMeIn Resolve (GoTo Resolve) and PDQ Connect, transforming trusted administrative tools into weapons for data theft and remote system compromise. While the…