Tag: hacker
-
DarkSword iPhone Exploit Leaked Online, Hundreds of Millions at Risk
DarkSword exploit leak puts up to 270 million iPhones at risk, with hackers able to access data through… First seen on hackread.com Jump to article: hackread.com/darksword-iphone-exploit-leaked-online/
-
81-month sentence for Russian hacker behind major ransomware campaigns
U.S. sentences Russian hacker Aleksei Volkov to 81 months in prison for aiding ransomware attacks, causing over $9M in damages. A U.S. court sentenced Aleksei Olegovich Volkov to 81 months in prison for supporting ransomware groups like Yanluowang. He helped carry out dozens of attacks, causing over $9M in losses. Arrested in Italy in 2024…
-
Why CISOs should embrace AI honeypots
Tags: access, ai, api, attack, breach, business, ciso, credentials, cyberattack, cybercrime, cybersecurity, data, defense, detection, exploit, hacker, LLM, mitigation, open-source, RedTeam, risk, service, threat, tool, vulnerability
Why CISOs should consider honeypots: Another player in the AI honeypot space is Deutsche Telekom (DT). The firm is both a user and purveyor of AI-powered honeypots through its free, open-source platform ‘T-Pot.’ The most obvious advantage to their use, explains Marco Ochse, DT’s lead for threat analytics and mitigation, lies in how little these…
-
U.S. Sentences Russian Hacker to 6.75 Years for Role in $9M Ransomware Damage
A 26-year-old Russian citizen has been sentenced in the U.S. to 6.75 years (81 months) in prison for his role in assisting major cybercrime groups, including the Yanluowang ransomware crew, in conducting numerous attacks against U.S. companies and other organizations. According to the U.S. Department of Justice (DoJ), Aleksei Olegovich Volkov facilitated dozens of ransomware attacks…
-
Hacker walks away with $24.5 million after breaching Resolv DeFi platform
In a message to the attacker on the blockchain, Resolv offered the person 10% of the $24.5 million in ETH if they returned the rest and ceased all further activity with the exploited funds. First seen on therecord.media Jump to article: therecord.media/hacker-breaches-resolv-defi-25-million
-
AI poised to most help low-skilled hackers in the near term
The expected rise in automated cyberattacks means more work for defenders — but they can use AI to fight back. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/ai-cybercrime-ransomware-low-skilled-boost/815498/
-
After hackers hit an Iowa company, cars around the country failed to start
If you don’t calibrate your interlock in time, your vehicle is dead. First seen on arstechnica.com Jump to article: arstechnica.com/security/2026/03/after-hack-some-ignition-interlock-users-couldnt-start-their-own-cars/
-
Someone has publicly leaked an exploit kit that can hack millions of iPhones
Leaked “DarkSword” exploits published to GitHub allow hackers and cybercriminals to target iPhone users running old versions of iOS with spyware, according to cybersecurity researchers. First seen on techcrunch.com Jump to article: techcrunch.com/2026/03/23/someone-has-publicly-leaked-an-exploit-kit-that-can-hack-millions-of-iphones/
-
FBI: Iranian hackers targeting opponents with Telegram malware
The campaign goes back to 2023 but is the subject of an alert amid conflict in the Middle East. First seen on cyberscoop.com Jump to article: cyberscoop.com/fbi-iranian-hackers-targeting-opponents-with-telegram-malware/
-
Crunchyroll probes breach after hacker claims to steal 6.8M users’ data
Popular anime streaming platform Crunchyroll is investigating a breach after hackers claimed to have stolen personal information for approximately 6.8 million people. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/crunchyroll-probes-breach-after-hacker-claims-to-steal-68m-users-data/
-
North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware
The North Korean threat actors behind the Contagious Interview campaign, also tracked as WaterPlum, have been attributed to a malware family tracked as StoatWaffle that’s distributed via malicious Microsoft Visual Studio Code (VS Code) projects. The use of VS Code “tasks.json” to distribute malware is a relatively new tactic adopted by the threat actor since December…
-
Trivy supply-chain attack spreads to Docker, GitHub repos
The TeamPCP hackers behind the Trivy supply-chain attack continued to target Aqua Security, pushing malicious Docker images and hijacking the company’s GitHub organization to tamper with dozens of repositories. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/trivy-supply-chain-attack-spreads-to-docker-github-repos/
-
Network edge devices still widely used after reaching end-of-life status
A report by VulnCheck shows nation-state hackers often target flaws in aging routers, firewalls and VPNs. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/network-edge-devices-still-widely-used-after-reaching-end-of-life-status/815403/
-
FBI says Iranian hackers are using Telegram to steal data in malware attacks
Hackers working for Iran’s government are using Telegram in hacking operations that use malware to target dissidents, opposition groups, and journalists who oppose its regime, according to the FBI. First seen on techcrunch.com Jump to article: techcrunch.com/2026/03/23/fbi-says-iranian-hackers-are-using-telegram-to-steal-data-in-malware-attacks/
-
North Korean Hacker Lands Remote IT Job, Caught After VPN Slip
New research from LevelBlue reveals how a suspected North Korean operative landed a remote IT role to fund national weapons programmes. First seen on hackread.com Jump to article: hackread.com/north-korean-hacker-remote-it-job-vpn-slip/
-
Hackers Exploit Quest KACE SMA Flaw to Harvest Credentials
Tags: authentication, corporate, credentials, cve, cyber, exploit, flaw, hacker, network, threat, vulnerability
Security researchers have detected active exploitation targeting unpatched Quest KACE Systems Management Appliance (SMA) instances. Starting the week of March 9, 2026, threat actors began leveraging a critical authentication bypass vulnerability, identified as CVE-2025-32975, to infiltrate corporate networks, harvest sensitive credentials, and pivot toward critical infrastructure. Quest KACE SMA Flaw: Quest KACE SMA is a…
-
FBI warns of Handala hackers using Telegram in malware attacks
The U.S. Federal Bureau of Investigation (FBI) warned network defenders that Iranian hackers linked to the country’s Ministry of Intelligence and Security (MOIS) are using Telegram in malware attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fbi-warns-of-handala-hackers-using-telegram-in-malware-attacks/
-
Russian hackers go after high-value targets through Signal
Russian intelligence-linked hackers are targeting commercial messaging platforms, with Signal a primary focus, the FBI and CISA warn. The campaign is aimed at individuals of … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/23/russian-hackers-signal-phishing-campaign/
-
Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems
Threat actors are suspected to be exploiting a maximum-severity security flaw impacting Quest KACE Systems Management Appliance (SMA), according to Arctic Wolf. The cybersecurity company said it observed malicious activity starting the week of March 9, 2026, in customer environments that’s consistent with the exploitation of CVE-2025-32975 on unpatched SMA systems exposed to the internet. It’s…
-
FBI Warns Russian Hackers Target Signal, WhatsApp in Mass Phishing Attacks
Tags: attack, control, cybersecurity, hacker, infrastructure, intelligence, phishing, russia, service, threat
Threat actors affiliated with Russian Intelligence Services are conducting phishing campaigns to compromise commercial messaging applications (CMAs) like WhatsApp and Signal to seize control of accounts belonging to individuals with high intelligence value, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) said Friday. “The campaign… First seen on thehackernews.com Jump…
-
Cyberattack on a Car Breathalyzer Firm Leaves Drivers Stuck
Plus: The FBI admits it’s buying phone data to track Americans, Iranian hackers disrupt medical care at Maryland hospitals, and more. First seen on wired.com Jump to article: www.wired.com/story/security-news-this-week-cyberattack-on-a-car-breathalyzer-firm-leaves-drivers-stuck/
-
7,500+ Magento sites defaced in global hacking campaign
Hackers defaced 7,500 Magento sites since Feb 27, uploading files across 15,000 hostnames, mostly opportunistic attacks. Since February 27, a large-scale campaign has defaced over 7,500 Magento sites, targeting e-commerce platforms, global brands, and government services. According to cybersecurity firm Netcraft, attackers placed plaintext defacement files across more than 15,000 hostnames, directly compromising affected infrastructure.…
-
Hacker Group LAPSUS$ Claims Alleged AstraZeneca Data Breach
LAPSUS$ claims it breached AstraZeneca, offering alleged source code, credentials, cloud configs, and employee data for sale in leaked samples. First seen on hackread.com Jump to article: hackread.com/hacker-group-lapsus-astrazeneca-data-breach/
-
Endpoints without authentication: hackers crack McKinsey AI ‘Lilli’ in just 2 hours
First seen on security-insider.de Jump to article: www.security-insider.de/mckinsey-ki-lilli-gehackt-sql-injection-api-schwachstelle-a-c36a94b56bc0a4ecf03dd3147e2dc6cc/
-
DDoS attacks: Strike against international cybercriminals
Tags: android, botnet, cyberattack, cybercrime, ddos, germany, hacker, infrastructure, router, service, usa
DDoS remains an evergreen among security threats. Karsten Kunert with ChatGPT. In a large-scale strike against an international hacker network, security authorities in North America and Germany have dismantled the world’s two largest botnets. The criminals’ infrastructure had been used primarily for so-called denial-of-service (DDoS) attacks, the Bundeskriminalamt (Germany’s Federal Criminal Police Office) said. In these attacks, the cybercriminals target the websites and apps of their…
-
Hackers Exploit Critical Langflow Bug in Just 20 Hours
Sysdig details how threat actors exploited a critical CVE in Langflow in less than a day First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/hackers-exploit-critical-langflow/
-
New exploit chain ‘DarkSword’ uncovered: hackers can break into iPhones with just one click
First seen on security-insider.de Jump to article: www.security-insider.de/darksword-1-klick-exploit-kompromittiert-iphones-a-01060b63a59bcff5e396d353bafec45d/
-
FDA Issues Recall for Some GE Imaging Products Due to Cyber
Vulnerability Affects Certain Centricity Medical Imaging Products. The U.S. Food and Drug Administration has issued a recall notice for certain GE Healthcare Centricity medical imaging products due to a potential cybersecurity vulnerability that could allow a hacker to manipulate data or impact availability of the affected products. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/fda-issues-recall-for-some-ge-imaging-products-due-to-cyber-a-31090

