Tag: hacker
-
Web App Pentest by AutoSecT
Web applications run almost every business today. They handle logins, payments, user data, and daily operations. As usage grows, risk grows too. Hackers look for small gaps. Even a minor flaw can lead to a serious attack. This is why web app pentest is now a basic need. It helps you find weak points before……
-
Thousands of Facebook accounts stolen by phishing emails sent through Google
In an ongoing operation, hackers are hijacking Facebook accounts using Google AppSheet to send phishing emails that pass security checks. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/05/thousands-of-facebook-accounts-stolen-by-phishing-emails-sent-through-google/
-
Teenager alleged to be Scattered Spider hacker arrested in Finland, faces US extradition
Here’s a tip for you all. Unless you want to draw attention to yourself as a cybercriminal, don’t flaunt your diamond-encrusted “HACK THE PLANET” necklace on Snapchat, or pose as a Sopranos crime boss while the FBI is reportedly closing in. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/alleged-scattered-spider-hacker-extradition
-
cPanel-Lücke: Hacker kapern massenhaft Webportale und schleusen Ransomware ein
Für Webdienstbetreiber wird es höchste Zeit, ihre cPanel-Instanzen zu patchen. Angreifer nutzen eine kritische Lücke für Ransomware-Attacken aus. First seen on golem.de Jump to article: www.golem.de/news/cpanel-luecke-hacker-kapern-massenhaft-webportale-und-fordern-loesegeld-2605-208263.html
-
cPanel-Lücke: Hacker kapern massenhaft Webportale und fordern Lösegeld
Für Webdienstbetreiber wird es höchste Zeit, ihre cPanel-Instanzen zu untersuchen. Angreifer schleusen durch eine kritische Lücke Ransomware ein. First seen on golem.de Jump to article: www.golem.de/news/cpanel-luecke-hacker-kapern-massenhaft-webportale-und-fordern-loesegeld-2605-208263.html
-
Hunderte Industrie-Anlagen ohne Passwort im Internet
Hunderte Industrie-Steuerungen sind ohne Passwort über das Internet erreichbar. Hacker nutzen die Lücken bereits für gezielte Sabotage-Angriffe. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/industrie-anlagen-ohne-passwort
-
ConsentFix v3 Automates OAuth Abuse to Bypass MFA and Hijack Azure Accounts
What happened A third iteration of the ConsentFix attack technique has been circulating on hacker forums, introducing automation and scalability to a method that abuses Microsoft Azure’s OAuth2 authorization code flow to hijack accounts without passwords and despite multi-factor authentication being enabled. The original ConsentFix was documented by Push Security in December 2025 as an…The…
-
ConsentFix v3 attacks target Azure with automated OAuth abuse
A new attack type, dubbed ConsentFix v3, has been circulating on hacker forums, building on the previous technique by adding automation and scaling potential. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/consentfix-v3-attacks-target-azure-with-automated-oauth-abuse/
-
KI-Spionage bei Bitwarden und Checkmarx: Hacker kapern Entwickler-Tools
Hacker haben offizielle Kanäle von Bitwarden und Checkmarx gekapert. Erstmals stehlen Angreifer gezielt Daten von KI-Assistenten. Wie Sie Ihre Pipeline schützen. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/ki-spionage-checkmarx
-
Dangerous New Linux Exploit Gives Attackers Root Access to Countless Computers
The exploit, dubbed CopyFail and tracked as CVE-2026-31431, allows hackers to take over PCs and data center servers. The Linux vulnerabilities have been patched”, but many machines remain at risk. First seen on wired.com Jump to article: www.wired.com/story/dangerous-new-linux-exploit-gives-attackers-root-access-to-countless-computers/
-
ConsentFix v3 attacks target Azure with automated OAuth abuse
A new attack type, dubbed ConsentFix v3, has been circulating on hacker forums, building on the previous technique by adding automation and scaling potential. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/consentfix-v3-attacks-target-azure-with-automated-oauth-abuse/
-
Hackers Use Jenkins Access to Deploy DDoS Botnet Against Gaming Servers
A new campaign shows misconfigured Jenkins servers abused to deploy a DDoS botnet targeting gaming systems, with Valve Corporation infrastructure in focus. First seen on hackread.com Jump to article: hackread.com/hackers-jenkins-ddos-botnet-gaming-servers/
-
Digital attacks drive a new wave of cargo theft, FBI says
The FBI warns of rising cyber cargo theft, with hackers targeting brokers and carriers. Experts say digital attacks are replacing traditional cargo theft. The FBI has issued a Public Service Announcement (PSA) about a surge in cyber-enabled cargo theft, with hackers increasingly targeting brokers and carriers. This trend confirms earlier findings from Proofpoint and alerts…
-
China-Linked Hackers Target Asian Governments, NATO State, Journalists, and Activists
Cybersecurity researchers have disclosed details of a new China-aligned espionage campaign targeting government and defense sectors across South, East, and Southeast Asia, along with one European government belonging to NATO.Trend Micro has attributed the activity to a threat activity cluster it tracks under the temporary designation SHADOW-EARTH-053. The adversarial collective is assessed to First seen…
-
New Global Scam Uses Fake Meeting Links to Run PowerShell Malware
BlueNoroff hackers used fake Zoom calls, ClickFix prompts, and fileless PowerShell malware to steal credentials from Web3 and crypto targets. The post New Global Scam Uses Fake Meeting Links to Run PowerShell Malware appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-lazarus-bluenoroff-fake-video-call-malware/
-
China-Aligned Hackers Deploy ShadowPad in Multi-Stage Espionage Campaign
Tags: china, cyber, espionage, exploit, government, group, hacker, infrastructure, microsoft, threat, vulnerabilityChina-aligned threat actors tracked as SHADOW-EARTH-053 are exploiting old but unpatched Microsoft Exchange and IIS vulnerabilities to run a stealthy, multi-stage espionage campaign across Asian governments, critical infrastructure, and one NATO member state. The group primarily targets government entities and critical infrastructure in South, East, and Southeast Asia, with additional activity against at least one…
-
Staats-Hacker nutzen Schwachstellen in Windows und ConnectWise
CISA fügt aktiv ausgenutzte Windows- und ConnectWise-Lücken dem KEV-Katalog hinzu. APT28 und Storm-1175 nutzen diese für Spionage und Ransomware. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/windows-staats-hacker-schwachstellen
-
Breach Roundup: US Cyber Command Flags Election Threats
Also, HexDex Arrest, Black Axe Crackdown, LeRobot RCE Flaw. This week, election threats resurfaced. A prolific hacker arrested. Black Axe network disrupted. China-linked disinformation targets Tibet. Exploited ScreenConnect and Windows flaws raise alarms. Minecraft gamers hit with stealer malware. A critical AI framework bug enables remote code execution. First seen on govinfosecurity.com Jump to article:…
-
Hackers earning millions from hijacked cargo, FBI says
In an advisory this week, FBI officials said cyber actors have spent the last two years breaking into the systems of brokers and carriers, allowing them to pose as victim companies and post fraudulent listings on freight delivery message boards. First seen on therecord.media Jump to article: therecord.media/hackers-earning-millions-from-hijacked-cargo-fbi
-
Hackers are actively exploiting a bug in cPanel, used by millions of websites
Web hosts are scrambling to fix the bug under active attack by hackers. One company said hackers have been abusing the bug for months. First seen on techcrunch.com Jump to article: techcrunch.com/2026/04/30/hackers-are-actively-exploiting-a-bug-in-cpanel-used-by-millions-of-websites/
-
FBI: Chinese Hacker Extradition Sends a Global Message
Alleged Nation-State Hacker Being Held in Houston Jail. U.S. prosecutors allege 34-year-old Chinese national Xu Zewei operated under China’s Ministry of State Security to hack universities and firms during the pandemic, exploiting VPN and Exchange flaws and exfiltrating research data in a Silk Typhoon campaign. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/fbi-chinese-hacker-extradition-sends-global-message-a-31561
-
Misconfigured Server Run by Hackers Leaks 345,000 Stolen Credit Cards
A misconfigured server linked to the carding marketplace Jerry’s Store exposed 345,000 stolen credit cards after an AI coding error caused a major security flaw. First seen on hackread.com Jump to article: hackread.com/misconfigured-server-hackers-leak-stolen-credit-cards/
-
Hackers stole hundreds of thousands of Roblox accounts: Here’s what to do
Hackers used fake Roblox “game enhancements” to steal login details from hundreds of thousands of players, then sold the accounts for profit. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/hackers-stole-hundreds-of-thousands-of-roblox-accounts-heres-what-to-do/
-
Hackers stole hundreds of thousands of Roblox accounts: Here’s what to do
Hackers used fake Roblox “game enhancements” to steal login details from hundreds of thousands of players, then sold the accounts for profit. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/hackers-stole-hundreds-of-thousands-of-roblox-accounts-heres-what-to-do/
-
Hackers stole hundreds of thousands of Roblox accounts: Here’s what to do
Hackers used fake Roblox “game enhancements” to steal login details from hundreds of thousands of players, then sold the accounts for profit. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/hackers-stole-hundreds-of-thousands-of-roblox-accounts-heres-what-to-do/
-
New Linux ‘Copy Fail’ flaw gives hackers root on major distros
An exploit has been published for a local privilege escalation vulnerability dubbed “Copy Fail” that impacts Linux kernels released since 2017, allowing an unprivileged local attacker to gain root permissions. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-linux-copy-fail-flaw-gives-hackers-root-on-major-distros/
-
New Linux ‘Copy Fail’ flaw gives hackers root on major distros
An exploit has been published for a local privilege escalation vulnerability dubbed “Copy Fail” that impacts Linux kernels released since 2017, allowing an unprivileged local attacker to gain root permissions. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-linux-copy-fail-flaw-gives-hackers-root-on-major-distros/
-
Hackers arrested for stealing and reselling 600,000 Roblox accounts
Ukrainian police detained three suspects accused of hacking into Roblox accounts and reselling the data on Russian websites, with payments made in cryptocurrency. Police raid … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/30/ukraine-roblox-account-hacking-scheme/
-
Iran-linked Handala hackers leak US Marines data, send chilling WhatsApp threats
US Marines stationed around the Persian Gulf have been receiving WhatsApp messages from strangers suggesting they call home and make their final goodbyes. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/iran-handala-hackers-leak-us-marines-data-chilling-whatsapp-threats