Tag: hacker
-
Drift loses $280 million as hackers seize Security Council powers
The Drift Protocol lost at least $280 million after a threat actor took control of its Security Council administrative powers in a planned, sophisticated operation. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/drift-loses-280-million-as-hackers-seize-security-council-powers/
-
Software supply chain hacks trigger wave of intrusions, data theft
After linking the Axios npm supply chain attack to North Korean hackers, Google researchers warned that “hundreds of thousands of stolen secrets could potentially be … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/02/supply-chain-hacks-data-theft/
-
Microsoft Warns of WhatsApp Attachments Spreading Backdoor on Windows PCs
Microsoft warns of WhatsApp attachments spreading VBS malware that installs backdoors on Windows PCs, giving hackers remote access to and control of systems. First seen on hackread.com Jump to article: hackread.com/microsoft-whatsapp-attachments-backdoor-windows-pcs/
-
Iranian Hacker Group Handala Claims Breach of Israeli Defense Firm
Tags: breach, cyber, cybersecurity, data, data-breach, defense, group, hacker, international, iran, military, threat
The international cybersecurity community was alerted to a major data breach involving Israeli military infrastructure. Handala, a recognized Iranian nation-state threat actor, claims to have successfully breached PSK Wind Technologies, a key Israeli defense contractor. The incident has resulted in the public release of highly classified military data, representing a significant compromise of sensitive operational…
-
Fake CERT-UA Site Spreads Go-Based RAT in Phishing Campaign
Hackers have launched a targeted phishing campaign by cloning Ukraine’s official CERT-UA website and distributing malicious software disguised as a security tool, according to a new alert from the national cyber response team. Targets included government agencies, financial institutions, educational bodies, medical centers, and IT companies. The emails urged recipients to download a password-protected archive…
-
RFQ Malware Campaign Uses DOCX, RTF, JS, and Python
Hackers are abusing DOCX, RTF, JavaScript, PowerShell, and Python to deliver an in-memory Cobalt Strike beacon in a stealthy spear-phishing campaign that impersonates Boeing procurement under the tag NKFZ5966PURCHASE. The operation chains six stages, relies heavily on living-off-the-land binaries, and reuses the same encryption keys across all known samples, creating both strong evasion and clear…
-
CISA Issues Alert on Chrome Zero-Day Under Active Exploitation
Tags: browser, chrome, cisa, cve, cyber, cybersecurity, exploit, flaw, google, hacker, infrastructure, kev, vulnerability, zero-day
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical zero-day vulnerability affecting Google Chrome and other Chromium-based web browsers. Officially tracked as CVE-2026-5281, this security flaw has been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog because hackers are actively exploiting it in real-world attacks. The vulnerability originates…
-
Cyberattack on Hasbro: Hackers infiltrate IT of major toy company
An attacker has penetrated Hasbro's IT environment. The toy manufacturer expects the recovery to take several weeks. First seen on golem.de Jump to article: www.golem.de/news/cyberangriff-auf-hasbro-hacker-infiltrieren-it-von-spielwarenkonzern-2604-207189.html
-
Hackers Are Using WhatsApp to Deliver Malware to Windows PCs
Hackers are using WhatsApp messages to deliver malware to Windows PCs, exploiting user trust and attachments to trigger stealthy, multi-stage attacks. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-whatsapp-malware-windows-attack/
-
Hasbro says it was hacked, and may take ‘several weeks’ to recover
The American toymaking giant noted that it was continuing to “implement measures to secure its business operations,” suggesting that the hackers may still be in the company’s systems. First seen on techcrunch.com Jump to article: techcrunch.com/2026/04/01/hasbro-hacked-may-take-several-weeks-to-recover/
-
North Korean hackers linked to Axios npm supply chain compromise
The software supply chain attack that resulted in the compromise of npm packages of Axios, an extremely popular HTTP client library, is believed to be the work of … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/01/north-korean-hackers-linked-to-axios-npm-supply-chain-compromise/
-
Ethereum-Based EtherRAT, EtherHiding Power Stealthy Malware Campaigns
Hackers are abusing the Ethereum blockchain to hide and control a new Node.js backdoor called EtherRAT, using a stealthy technique known as EtherHiding to make their command-and-control (C2) infrastructure difficult to disrupt. EtherRAT, previously profiled by Sysdig and linked to North Korean “Contagious Interview” activity, is a Node.js backdoor that lets attackers run arbitrary commands,…
-
Chinese Hackers Target European Governments in Espionage Campaigns
Chinese state-backed group TA416 had suspended its cyber espionage operations in Europe since 2023, noted Proofpoint. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/china-hackers-ta416-europe/
-
Iranian Handala Hackers Breach FBI Director Kash Patel’s Gmail Account
The digital landscape has reached a point where no one, not even the head of the FBI, is immune to a well-timed exploit. New reporting from Cyber Security News reveals that FBI Director Kash Patel’s personal Gmail account was breached by the Iran-linked “Handala” hacker group. The hackers didn’t just take the data; they made…
-
Hackers target exile portal Iranwire
Unknown actors are said to have hacked the exile portal Iranwire. According to the Iranian judiciary, hackers have allegedly gained access to data belonging to a well-known exile portal. Large amounts of data were reportedly stolen, including correspondence, lists of employees, informants, and strictly confidential data, reported the Misan news agency, the mouthpiece of the Iranian judiciary. The portal in question was the well-informed…
-
CrystalX Malware-as-a-Service Spreads via Telegram With Stealer, RAT Tools
Hackers are actively promoting a new malware-as-a-service (MaaS) platform called CrystalX RAT through private Telegram channels, offering cybercriminals a powerful toolkit that combines remote access, data theft, surveillance, and even prank-based disruption features. Security researchers identified the campaign in March 2026, noting that the malware is being sold under a subscription model with three pricing…
-
Hackers Exploit Hotel Booking Systems to Send Fake Payment Requests to Guests
Hackers are increasingly targeting hotel booking workflows to trick travelers into handing over payment details, using a technique that blends real reservation data with convincing social engineering. The message references real booking details such as the hotel name, stay dates, or payment status, making it appear legitimate. Instead of raising suspicion, the message feels like…
-
Hackers Hijack Axios npm Package to Spread RATs
Threat actors hijacked the popular npm package axios to spread RAT malware after compromising an open-source maintainer’s account, researchers warn. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/hackers-hijack-axios-npm-package/
-
North Korean Hackers Breach Axios Package, Target Windows, macOS, and Linux Systems
A North Korea-nexus threat actor has hijacked the popular Axios NPM package in a high-impact software supply chain attack that can silently backdoor Windows, macOS, and Linux systems. Between March 31, 2026, 00:21 and 03:20 UTC, attackers used a compromised maintainer account to push backdoored Axios releases 1.14.1 and 0.30.4 to NPM. The attackers changed…
-
Google Attributes Axios npm Supply Chain Attack to North Korean Group UNC1069
Google has formally attributed the supply chain compromise of the popular Axios npm package to a financially motivated North Korean threat activity cluster tracked as UNC1069. “We have attributed the attack to a suspected North Korean threat actor we track as UNC1069,” John Hultquist, chief analyst at Google Threat Intelligence Group (GTIG), told The Hacker News…
-
JavaScript library: North Korean hackers said to be behind Axios hack
Millions of developers use the Axios library. North Korean hackers may be behind the malware attack on the open-source project. First seen on golem.de Jump to article: www.golem.de/news/javascript-bibliothek-nordkoreanische-hacker-sollen-hinter-axios-hack-stecken-2604-207133.html
-
After Trivy hack: Hackers said to have stolen Cisco source code
The supply chain attack on Trivy has consequences. The attackers are said to have obtained data from Cisco's GitHub repos and AWS accounts. First seen on golem.de Jump to article: www.golem.de/news/nach-trivy-hack-hacker-sollen-quellcode-von-cisco-erbeutet-haben-2604-207140.html
-
Hackers Actively Exploit Critical WebLogic RCE Vulnerabilities in Ongoing Attacks
A maximum-severity vulnerability in Oracle WebLogic Server is facing rapid exploitation in the wild. Tracked as CVE-2026-21962, this unauthenticated Remote Code Execution (RCE) flaw carries a maximum CVSS score of 10.0. According to a recent honeypot study, attackers began weaponizing the flaw on January 22, 2026, the exact day public exploit code was released on…
-
North Korean hackers blamed for hijacking popular Axios open-source project to spread malware
A hacker inserted malware in Axios, an open-source web tool downloaded tens of millions of times weekly, in a widespread hack. First seen on techcrunch.com Jump to article: techcrunch.com/2026/03/31/hacker-hijacks-axios-open-source-project-used-by-millions-to-push-malware/
-
Hacker hijacks Axios open-source project, used by millions, to push malware
A hacker inserted malware in Axios, an open-source web tool downloaded tens of millions of times weekly, in a widespread hack. First seen on techcrunch.com Jump to article: techcrunch.com/2026/03/31/hacker-hijacks-axios-open-source-project-used-by-millions-to-push-malware/
-
Pro-Russian hackers pose as Ukraine’s cyber agency to target government, businesses
Tags: cyber, cybersecurity, government, group, hacker, incident, incident response, phishing, russia, ukraine
A pro-Russian hacker group impersonated Ukraine’s national cyber incident response team in a phishing campaign targeting government agencies, businesses, and other institutions, Ukrainian cybersecurity officials said. First seen on therecord.media Jump to article: therecord.media/pro-russian-hackers-posing-as-ukrainian-cyber-agency

