Tag: hacker
-
BSidesCache 2025 Hackers Don’t Break In. They Log In.
Author, Creator & Presenter: Dhivva Balasubramanian – Cybersecurity IAM Manager, Southwest Airlines Our thanks to BSidesCache for publishing their Creators, Authors and Presenter’s outstanding BSidesCache 2025 content on the Organizations’ YouTube Channel. Permalink First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/bsidescache-2025-hackers-dont-break-in-they-log-in/
-
ClickFix Attack Targets Devs with MacSync Malware via Fake Claude Tools
Cybersecurity researchers at 7AI have revealed a new Claude Fraud campaign in which hackers use fake AI extensions and Google ads to steal data from tech professionals. First seen on hackread.com Jump to article: hackread.com/clickfix-attack-devs-macsync-malware-fake-claude-tools/
-
Iranian Hackers Use Compromised Cameras for Regional Surveillance
Tags: apt, cctv, cyber, exploit, group, hacker, infrastructure, intelligence, Internet, iran, middle-eastIranian cyber actors are expanding operations targeting US organizations while also exploiting internet-connected cameras across the Middle East for intelligence collection and battlefield awareness. Recent incidents tied to APT group MuddyWater, camera”‘focused infrastructure, and hacktivist collective Handala point to an ecosystem that is operational but constrained, prioritizing persistence, visibility, and selective disruption over large”‘scale, coordinated cyber campaigns.…
-
Hackers Leverage Safe Links and URL Rewriting to Evade Detection
Threat actors were already abusing URL rewriting mechanisms in phishing campaigns to mask malicious domains. URL rewriting is designed to protect users by replacing original links with security-vendor URLs that scan destinations at click time. These rewritten links route traffic through the provider’s infrastructure so they can analyze the page in real time, block known…
-
PCI DSS Compliance Framework for Global Payment Security
As digital payments continue to dominate global commerce, organizations that process, store, or transmit payment card data face increasing cybersecurity risks. From sophisticated data breaches to payment skimming attacks, hackers constantly target cardholder information. To mitigate these risks and establish a unified security baseline, the Payment Card Industry Data Security Standard (PCI DSS) was developed….…
-
Hackers Abuse Trusted Websites in New Attacks on Microsoft Teams Users
Threat actors are increasingly turning to trusted infrastructure to launch their attacks, making it harder for automated security tools to flag malicious activity. A newly identified phishing campaign highlights this growing trend by abusing compromised websites to harvest valuable corporate credentials. Cybersecurity researchers have uncovered a sophisticated new phishing campaign where attackers hijack legitimate websites…
-
Simply Offensive Podcast: The Future of Pentesting: AI, Automation, and Better Reporting with Dan DeCloss
Tags: ai, automation, computer, corporate, cybersecurity, data, exploit, hacker, hacking, jobs, penetration-testing, skills, technology, threat, tool, update, vulnerability<div cla The Future of Pentesting: AI, Automation, and Better Reporting with Dan DeCloss In this episode of Simply Offensive, Philip Wylie welcomes Dan DeCloss, the founder of PlexTrac. The two veterans of the cybersecurity industry discuss their history together, the evolution of report writing, and the seismic shift AI is bringing to offensive security.…
-
Simply Offensive Podcast: The Future of Pentesting: AI, Automation, and Better Reporting with Dan DeCloss
Tags: ai, automation, computer, corporate, cybersecurity, data, exploit, hacker, hacking, jobs, penetration-testing, skills, technology, threat, tool, update, vulnerability<div cla The Future of Pentesting: AI, Automation, and Better Reporting with Dan DeCloss In this episode of Simply Offensive, Philip Wylie welcomes Dan DeCloss, the founder of PlexTrac. The two veterans of the cybersecurity industry discuss their history together, the evolution of report writing, and the seismic shift AI is bringing to offensive security.…
-
China-Nexus Hackers Skulk in Southeast Asian Military Orgs for Years
Researchers uncovered an extensive cyberespionage campaign that used novel backdoors and familiar evasion techniques to maintain persistent access to regional targets. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/china-nexus-hackers-southeast-asian-military-orgs
-
Telus Digital confirms hack as ShinyHunters claims credit for massive data theft
The Canadian business-process outsourcer, which counts many major businesses among its customers, still isn’t sure what the hackers stole. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/telus-digital-cyberattack-shinyhunters/814817/
-
Russia-linked espionage campaign targeting Ukraine using Starlink and charity lures
A Russia-linked hacker group launched a cyber-espionage campaign targeting Ukrainian organizations using fake documents about Starlink satellite internet terminals and a well-known Ukrainian charity, to infect devices with spyware. First seen on therecord.media Jump to article: therecord.media/russia-ukraine-cyber-espionage-group
-
Handala Hackers Exploit RDP and NetBird in Coordinated Wiper Attacks
Handala Hack is an Iranian state-linked destructive actor that combines old-school RDP-heavy intrusions with new tools like NetBird and AI-assisted wipers to devastate victim networks rapidly. Handala Hack is an online persona operated by Void Manticore (also tracked as Red Sandstorm and Banished Kitten), a threat actor affiliated with Iran’s Ministry of Intelligence and Security (MOIS). Additional…
-
Handala Hackers Exploit RDP and NetBird in Coordinated Wiper Attacks
Handala Hack is an Iranian state-linked destructive actor that combines old-school RDP-heavy intrusions with new tools like NetBird and AI-assisted wipers to devastate victim networks rapidly. Handala Hack is an online persona operated by Void Manticore (also tracked as Red Sandstorm and Banished Kitten), a threat actor affiliated with Iran’s Ministry of Intelligence and Security (MOIS). Additional…
-
Cyberangriff: Hacker attackieren polnischen Kernreaktor-Betreiber
Polens nationales Nuklearforschungszentrum bestätigt einen versuchten Cyberangriff auf die eigene IT. Erste Spuren weisen angeblich Richtung Iran. First seen on golem.de Jump to article: www.golem.de/news/cyberangriff-hacker-attackieren-polnischen-kernreaktor-betreiber-2603-206533.html
-
Hackers tried to breach Poland’s nuclear research centre
Poland’s National Centre for Nuclear Research (NCBJ) thwarted a cyberattack targeting its IT infrastructure. The attempted intrusion was detected and blocked before attackers … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/16/poland-nuclear-research-centre-cyberattack/
-
A Hacker Accidentally Broke Into the FBI’s Epstein Files
Plus: A porn-quitting app exposed the masturbation habits of hundreds of thousands of users, Russian hackers are trying to take over people’s Signal accounts, and more. First seen on wired.com Jump to article: www.wired.com/story/security-news-this-week-a-hacker-accidentally-broke-into-the-fbis-epstein-files/
-
Hackers targeted Poland’s National Centre for Nuclear Research
Hackers targeted Poland’s National Centre for Nuclear Research, but security systems detected and blocked the attack before any damage. The National Centre for Nuclear Research in Poland reported a cyberattack on its IT infrastructure. The intrusion attempt was quickly detected by security systems, allowing staff to secure the targeted systems and prevent any operational impact.…
-
Chinese Hackers Target Southeast Asian Militaries with AppleChris and MemFun Malware
A suspected China-based cyber espionage operation has targeted Southeast Asian military organizations as part of a state-sponsored campaign that dates back to at least 2020.Palo Alto Networks Unit 42 is tracking the threat activity under the moniker CL-STA-1087, where CL refers to cluster, and STA stands for state-backed motivation.”The activity demonstrated strategic operational patience and…
-
Poland’s nuclear research centre targeted by cyberattack
Poland’s National Centre for Nuclear Research (NCBJ) says hackers targeted its IT infrastructure, but the attack was detected and blocked before causing any impact. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/polands-nuclear-research-centre-targeted-by-cyberattack/
-
Even primitive AI-coded malware helps hackers move faster, thwart attribution
IBM researchers discovered an autonomously coded backdoor that they called unsophisticated but nonetheless ominous. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/ai-ransomware-backdoor-ibm-attribution/814671/
-
Hacker nutzen Gefälschte Claude-Code-Downloads
Sicherheitsforscher von Bitdefender Labs warnen aktuell vor einer Angriffskampagne, bei der Kriminelle den KI-Programmierassistenten Claude Code ins Visier nehmen. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/hacker-claude-code-downloads
-
Im Visier der Hacker: Welche Branchen am stärksten gefährdet sind
Die Sektoren Technologie, Bildung und E-Commerce waren über einen Zeitraum von drei Jahren am stärksten von Datenlecks betroffen. In diesem Zeitraum sind bei fast 10.000 größeren Vorfällen mehr als 7,8 Milliarden E-Mail-Datensätze offengelegt worden. Eine Analyse der Datenlecks ergab, dass 90 % der Lecks E-Mail-Adressen enthielten, 32 % Zugangsdaten und 12,3 % sensible staatliche… First…
-
Breach Roundup: Russian State Actors Target Signal, WhatsApp
Also, More ClickFix Attacks and Teen Booters Arrested in Poland. This week, Russian hackers targeted Signal and WhatsApp users, permit-fee phishing hit U.S. applicants, ClickFix on WordPress sites, Microsoft patched 80 bugs, a 14K-router botnet, Polish teens held over DDoS tools and Finland warned of Russian, Chinese espionage. North Korean IT workers for hire. First…
-
Medical giant Stryker crippled after Iranian hackers remotely wipe computers
Tags: access, attack, authentication, best-practice, ceo, computer, credentials, cyber, cyberattack, data, flaw, group, hacker, identity, infrastructure, intelligence, iran, jobs, mobile, phone, service, software, supply-chain, theft, threat, updateHandala claims credit: The Handala threat group quickly claimed responsibility for the attack. While the group’s involvement is just a claim for now, Stryker employees reportedly saw a version of the Handala logo a cartoon of a Palestinian boy with his back turned and hands crossed behind him on affected devices.Handala’s identity is hard to…
-
Hackers Use Cloudflare Human Check to Hide Microsoft 365 Phishing Pages
Scammers are hijacking popular security tools like Cloudflare to hide fake Microsoft 365 login pages. Learn how this new invisible phishing campaign bypasses antivirus software and how you can stay safe. First seen on hackread.com Jump to article: hackread.com/hackers-cloudflare-human-check-microsoft-365-phishing/
-
Payment Giant Verifone Disputes Iranian Hacking Group Hit
Tehran-Linked Handala Hackers Disrupt Medtech Giant Stryker, Claim Verifone Breach. As the United States and Israel continue their war with Iran, Tehran-linked hacking group Handala has entered the fray, claiming credit for wiping systems at medical technology firm Stryker, which confirmed the attack, as well as breaching payment device maker Verifone, which denied being breached.…
-
How ‘Handala’ Became the Face of Iran’s Hacker Counterattacks
Amid a paralyzing breach of medical tech firm Stryker, the group has come to represent Iran’s use of “hacktivism” as cover for chaotic, retaliatory state-sponsored cyberattacks. First seen on wired.com Jump to article: www.wired.com/story/handala-hacker-group-iran-us-israel-war/
-
Telus Digital confirms breach after hacker claims 1 petabyte data theft
Canadian business process outsourcing giant Telus Digital has confirmed it suffered a security incident after threat actors claimed to have stolen nearly 1 petabyte of data from the company in a multi-month breach. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/telus-digital-confirms-breach-after-hacker-claims-1-petabyte-data-theft/
-
Your Signal account is safe unless you fall for this trick
Signal, the encrypted messaging app trusted by security-savvy users around the world, has confirmed that hackers have managed to takeover accounts – with government officials and journalists among those being targeted. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/signal-account-safe-unless-fall-for-this-trick
-
Maintaining Security and Protecting Smart Home Devices from Hackers
Learn how to protect smart home devices from hackers. Strong passwords, updates and secure networks help keep cameras, sensors and data safe. First seen on hackread.com Jump to article: hackread.com/maintain-security-protect-smart-home-devices-hackers/