Collecting Cyber-News from over 60 sources

Tag: hacker

Hackers Breach ILSpy WordPress Domain to Deliver Malware

Apr 6, 2026 10:51 AM

Tags: attack, breach, cyber, cybersecurity, group, hacker, malware, open-source, software, tool, wordpress

The official WordPress website for ILSpy, a highly popular open-source tool used by software developers to examine .NET code, has been compromised. Hackers successfully breached the site to redirect visitors and deliver malware, turning a trusted developer resource into a dangerous trap. The Redirection Attack Cybersecurity research group vx-underground confirmed the breach after receiving video…
Poisoned Axios Package Spreads Cross-Platform Malware via Phantom Dependency

Apr 6, 2026 10:51 AM

Tags: access, cyber, hacker, linux, macOS, malicious, malware, windows

Hackers hijacked the npm account of Axios’s lead maintainer. They used it to push two malicious releases that silently installed a cross”‘platform remote access trojan (RAT) on macOS, Windows, and Linux systems. Axios is one of the JavaScript ecosystem’s most widely used HTTP clients, with over 100 million weekly downloads on npm, making it deeply…
Hackers Spread Vidar and GhostSocks Malware Through Claude Code Leak

Apr 6, 2026 5:51 AM

Tags: data-breach, hacker, leak, malicious, malware

What happened Hackers are weaponizing the leaked Claude Code source to spread Vidar and GhostSocks malware through malicious repositories that impersonate the exposed codebase. The campaign followed Anthropic’s March 31 packaging error, which exposed the source code for Claude Code in a public npm package through a JavaScript source map file containing more than half…The…
Latest BreachForums Reboot Tied to Fake ShinyHunters Admin

Apr 5, 2026 6:51 PM

Tags: crime, cybercrime, group, hacker

After Hacker Site Gets Resurrected, Cybercrime Group Denies All Involvement Drama continues fast and furious in BreachForums land, as someone claiming to be part of the ShinyHunters crime group said they’ve rebooted the long-running and oft-disrupted forum yet again. But an official ShinyHunters channel denied the group having involvement in any such reboots. First seen…
Hackers exploit React2Shell in automated credential theft campaign

Apr 5, 2026 4:51 PM

Tags: credentials, exploit, hacker, theft, vulnerability

Hackers are running a large-scale campaign to steal credentials in an automated way after exploiting React2Shell (CVE-2025-55182) in vulnerable Next.js apps. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-exploit-react2shell-in-automated-credential-theft-campaign/
Social Engineering: Hacker nehmen Open-Source-Maintainer ins Visier

Apr 5, 2026 1:51 PM

Tags: cyberattack, hacker, open-source, social-engineering

Der Social-Engineering-Angriff auf den Axios-Maintainer ist Teil einer Kampagne. Andere Maintainer wurden ebenfalls attackiert. First seen on golem.de Jump to article: www.golem.de/news/social-engineering-hacker-nehmen-open-source-maintainer-ins-visier-2604-207252.html
Hackers Claim Massive Forex Trading Data Leak Could Expose 438,000 User Records

Apr 5, 2026 5:50 AM

Tags: data, hacker, leak, threat

What happened A claimed Forex data leak is raising concerns after a threat actor said it holds 438,000 user records and 185,000 transaction records allegedly taken from the trading platform. A limited sample was provided to support the claim, and researchers said the sample included one user record and 16 transaction entries. The alleged data…The…
Hackers Are Posting the Claude Code Leak With Bonus Malware

Apr 4, 2026 12:52 PM

Tags: cisco, hacker, hacking, leak, malware, risk, supply-chain, tool

Plus: The FBI says a recent hack of its wiretap tools poses a national security risk, attackers stole Cisco source code as part of an ongoing supply chain hacking spree, and more. First seen on wired.com Jump to article: www.wired.com/story/security-news-this-week-hackers-are-posting-the-claude-code-leak-with-bonus-malware/
Hackers Launch Social Engineering Offensive Against Key Node.js Maintainers

Apr 4, 2026 11:52 AM

Tags: breach, cyber, hacker, social-engineering, software, supply-chain, threat

Following the high-profile supply chain compromise of the widely used Axios package, a highly coordinated social engineering campaign has been uncovered targeting top-tier Node.js and npm maintainers. Security researchers confirm that the Axios breach was part of a scalable operation aimed at infiltrating the global software supply chain. The threat actors are actively hunting developers…
ShinyHunters Claims Rebooted BreachForums Now More Secure

Apr 3, 2026 11:52 PM

Tags: group, hacker, law, scam

Group Resurrects Hacker Site Despite Multiple Law Enforcement Disruptions Drama continues to come fast and furious in BreachForums land, as the ShinyHunters group announced that it’s rebooted the long-running and oft-disrupted forum yet again, just weeks after it got hacked and its databases dumped, leading the previous admin to allegedly exit scam and steal $4,000.…
Drift loses $280 million as North Korean hackers seize Security Council powers

Apr 3, 2026 11:52 PM

Tags: control, hacker, north-korea, threat

The Drift Protocol lost at least $280 million after a threat actor took control of its Security Council administrative powers in a planned, sophisticated operation. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/drift-loses-280-million-north-korean-hackers-seize-security-council-powers/
Security lapse lets researchers view React2Shell hackers’ dashboard

Apr 3, 2026 10:52 PM

Tags: access, attack, breach, credentials, data-breach, exploit, hacker, Internet, risk, update, vulnerability

Industrial scale: “This is all about neglect and efficiency,” Gene Moody, field CTO at patch management provider Action1, told CSO . “React2Shell quickly met all the criteria attackers look for: public disclosure, reliable exploitation, and internet-facing exposure. That combination effectively guaranteed widespread abuse. Since then, multiple campaigns have automated the full [attack] lifecycle [of], scanning,…
CISA gives agencies two weeks to patch video conferencing bug exploited by Chinese hackers

Apr 3, 2026 10:52 PM

Tags: china, cisa, exploit, government, hacker, software, update, vulnerability

A bug in a popular line of video conferencing software is being exploited by hackers, prompting the U.S. government to order all agencies to patch the vulnerability within two weeks. First seen on therecord.media Jump to article: therecord.media/trueconf-cyberattack-cisa-hackers
North Korean Hackers Abuse GitHub to Spy on South Korean Firms

Apr 3, 2026 7:51 PM

Tags: github, hacker, north-korea, spy

Researchers from FortiGuard Labs have uncovered a high-severity spying campaign targeting South Korean companies. Discover how North Korean… First seen on hackread.com Jump to article: hackread.com/north-korean-hackers-github-spy-south-korean-firms/
FBI Declares Surveillance System Breach a ‘Major Incident’

Apr 3, 2026 6:52 PM

Tags: breach, china, data, hacker

China-linked hackers breached an FBI surveillance system, exposing sensitive investigation data and prompting a “major incident” classification. The post FBI Declares Surveillance System Breach a ‘Major Incident’ appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-china-linked-fbi-surveillance-breach-major-incident/
Blast Radius of TeamPCP Attacks Expands Amid Hacker Infighting

Apr 3, 2026 6:52 PM

Tags: attack, breach, hacker, radius, supply-chain

As organizations disclose breaches tied to TeamPCP’s supply chain attacks, ShinyHunters and Lapsus$ are getting involved, taking credit, and creating a murky situation for enterprises. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/teampcp-attacks-hacker-infighting
AI Firm Mercor Confirms Breach as Hackers Claim 4TB of Stolen Data

Apr 3, 2026 5:51 PM

Tags: ai, attack, breach, data, hacker, supply-chain

AI firm Mercor confirms a breach linked to a LiteLLM supply chain attack, as hackers claim to have stolen 4TB of sensitive data and internal systems. First seen on hackread.com Jump to article: hackread.com/ai-firm-mercor-breach-hackers-4tb-data/
North Korealinked hackers drain $285M from Drift in sophisticated attack

Apr 3, 2026 5:51 PM

Tags: attack, control, crypto, hacker, korea, north-korea, threat

Drift lost $285M in a sophisticated attack, likely by North Korea, who used nonce-based tricks to gain control and quickly drain funds Drift suffered a $285 million cryptocurrency heist in a highly sophisticated attack likely linked to North Korea. Threat actors used durable nonce accounts to pre-sign and delay transactions, while also compromising multisig approvals…
Ukraine warns Russian hackers are revisiting past breaches to prepare new attacks

Apr 3, 2026 3:50 PM

Tags: access, attack, breach, credentials, exploit, hacker, infrastructure, russia, ukraine, vulnerability

In a new report, CERT-UA said attackers are revisiting previously breached infrastructure to check whether access is still available, whether exploited vulnerabilities have been patched and whether previously obtained credentials remain valid. First seen on therecord.media Jump to article: therecord.media/ukraine-warns-russian-hackers-revisiting-old-attacks
Pro-Iran Handala group breached Israeli defence contractor PSK Wind Technologies

Apr 3, 2026 11:51 AM

Tags: communications, control, defense, group, hacker, iran

Iran-linked hackers claim to have breached Israeli air defence contractor PSK Wind, which develops command and control systems. Pro-Iran Handala group announced on April 2 that it breached PSK Wind Technologies, an Israeli engineering and IT firm specializing in integrated systems for defense and critical communications, including command and control solutions. Handala appears as a…
Trusted Platforms Exploited to Steal Philippine Banking Credentials

Apr 3, 2026 11:51 AM

Tags: attack, banking, credentials, cyber, email, exploit, finance, hacker, phishing

Hackers are increasingly exploiting trusted online platforms to launch sophisticated phishing campaigns targeting bank users in the Philippines. Despite ongoing improvements in email security, phishing remains one of the most effective attack methods due to its scalability and ease of deployment. The campaign, active since early 2024 and still evolving in 2026, primarily targets customers…
Hackers Weaponize Venom Stealer via ClickFix Lures for Massive Data Exfiltration

Apr 3, 2026 9:51 AM

Tags: credentials, cyber, data, hacker, malware, social-engineering, theft

Hackers are increasingly turning simple social engineering tricks into full-scale data theft operations, and a newly identified malware platform called Venom Stealer is a strong example of this shift. Instead of just stealing credentials once, Venom creates a continuous data exfiltration pipeline, allowing attackers to monitor and extract sensitive information long after the initial infection.…
Phorpiex Botnet Fuels Ransomware, Sextortion, and Crypto-Theft Attacks

Apr 3, 2026 9:51 AM

Tags: attack, botnet, control, crime, crypto, cyber, hacker, infrastructure, ransomware, theft

Hackers are abusing the long-running Phorpiex (Trik) botnet to run large-scale ransomware, sextortion, and crypto-clipping operations, turning one infrastructure into a multi-purpose crime machine. A newer variant called Twizt gives the botnet a hybrid architecture that combines traditional command-and-control (C2) with a peer”‘to”‘peer (P2P) protocol, allowing infected machines to share commands and node lists directly with each…
Iranische Akteure – Hacker knacken Mailfach des FBI-Chefs Patel

Apr 3, 2026 9:51 AM

Tags: hacker

First seen on security-insider.de Jump to article: www.security-insider.de/fbi-direktor-kash-patel-hackerangriff-handala-a-e63512a54ad9a4b89c859b40a1c9c5d7/
Drift loses $280 million North Korean hackers seize Security Council powers

Apr 3, 2026 8:51 AM

Tags: control, hacker, north-korea, threat

The Drift Protocol lost at least $280 million after a threat actor took control of its Security Council administrative powers in a planned, sophisticated operation. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/drift-loses-280-million-north-korean-hackers-seize-security-council-powers/
North Korea-Linked Hackers Hit Axios npm in Supply Chain Attack

Apr 3, 2026 8:51 AM

Tags: attack, breach, credentials, cyber, hacker, korea, malicious, north-korea, software, supply-chain, threat

A major software supply chain attack has been uncovered after threat actors compromised the widely used Axios npm package, impacting developers and organizations worldwide. The incident, detected on March 31, 2026, involved the use of stolen maintainer credentials to inject malicious code into the popular HTTP client library. Axios is one of the most widely…
Telehealth giant Hims Hers says its customer support system was hacked

Apr 2, 2026 11:53 PM

Tags: data, hacker

The U.S. telehealth giant says hackers stole customer support ticket data over the course of several days in February. First seen on techcrunch.com Jump to article: techcrunch.com/2026/04/02/telehealth-giant-hims-hers-says-its-customer-support-system-was-hacked/
ShinyHunters Hackers Claim Theft of 3M+ Cisco Records, Threaten Public Leak

Apr 2, 2026 10:51 PM

Tags: cisco, hacker, leak, theft

ShinyHunters hackers claim they stole 3 million+ Cisco records via Salesforce and AWS, warning of a public leak if demands are not met by April 3, 2026. First seen on hackread.com Jump to article: hackread.com/shinyhunters-hackers-cisco-records-data-leak/
Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

Apr 2, 2026 10:51 PM

Tags: api, breach, credentials, cve, exploit, github, hacker, infection, service, threat, vulnerability

A large-scale credential harvesting operation has been observed exploiting the React2Shell vulnerability as an initial infection vector to steal database credentials, SSH private keys, Amazon Web Services (AWS) secrets, shell command history, Stripe API keys, and GitHub tokens at scale.Cisco Talos has attributed the operation to a threat cluster it tracks as First seen on…
Drift loses $280 million as hackers seize Security Council powers

Apr 2, 2026 9:52 PM

Tags: control, hacker, threat

The Drift Protocol lost at least $280 million after a threat actor took control of its Security Council administrative powers in a planned, sophisticated operation. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/drift-loses-280-million-as-hackers-seize-security-council-powers/