Tag: hacker
-
Kodak confirms data breach claimed by ShinyHunters extortion gang
Kodak has confirmed that it’s working with external cybersecurity experts to investigate a security breach after hackers gained access to some of the company’s data. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/kodak-confirms-data-breach-claimed-by-shinyhunters-extortion-gang/
-
Hackers Inject Malicious JavaScript Into WordPress Sites to Deploy ErrTraffic ClickFix Lures
Hackers are injecting malicious JavaScript into compromised WordPress sites to deploy ErrTraffic-powered ClickFix lures, a campaign that achieved nearly 60% victim conversion rates, an unprecedented figure in malware ecosystems. Threat actors exploit WordPress vulnerabilities to inject a single line of JavaScript that visually glitches websites, then trick users into executing malicious PowerShell commands under the…
-
North Korean hackers use fake Microsoft alerts to deploy NarwhalRAT malware
First seen on scworld.com Jump to article: www.scworld.com/brief/north-korean-hackers-use-fake-microsoft-alerts-to-deploy-narwhalrat-malware
-
Hackers Begin to Leak Novo Nordisk’s Stolen Data
Cybercrime Gang FulcrumSec Claims AI Models Are Among Drug Maker’s 1.3TB Trove. Cybercrime gang FulcrumSec has begun leaking what it claims are samples from 1.3 terabytes of data stolen from pharmaceutical giant Novo Nordisk. The hackers claim the trove contains clinical trial information and intellectual property, including AI models used in drug development. First seen…
-
‘I Could Have Rickrolled the World Cup’
World Cup 2026 Bug Exposed World Cup Camera Feeds, Stream Keys. A white-hat hacker discovered a now-fixed authorization flaw in a FIFA World Cup 2026 platform that allowed users to access a World Cup camera feed and other restricted resources. An attacker could have rickrolled the entire FIFA World Cup, wrote Bobdahacker. First seen on…
-
Critical Copilot vulnerability allowed hackers to steal 2FA code from users
SearchLeak exploit shows why the industry’s approach to LLM security fails over and over. First seen on arstechnica.com Jump to article: arstechnica.com/security/2026/06/critical-copilot-vulnerability-allowed-hackers-to-seal-2fa-code-from-users/
-
Hackers Exploit Critical Fortinet FortiSandbox Flaws in Active Attacks
Security researchers have reported active exploitation attempts targeting multiple critical vulnerabilities in Fortinet FortiSandbox appliances, raising concerns about potential compromises in enterprise security infrastructure. According to threat intelligence shared by Defused Cyber, attackers have started leveraging newly disclosed flaws, including CVE-2026-39813, CVE-2026-39808, and CVE-2026-25089, within the last 24 hours. Critical Fortinet FortiSandbox Flaws FortiSandbox is…
-
Microsoft Teams Relay Abused by Hackers to Hide Malicious Traffic
Tags: communications, control, cyber, exploit, hacker, infrastructure, malicious, microsoft, ransomware, threat
Microsoft Teams’ trusted infrastructure has been exploited by threat actors to secretly route malicious traffic, leading to a highly stealthy ransomware campaign attributed to the DragonForce group. Security researchers have discovered a novel technique in which attackers exploit Microsoft Teams’ TURN (Traversal Using Relays around NAT) servers to conceal command-and-control (C2) communications, making malicious activity…
-
Hackers Use OnionDrop Loader With DLL Sideloading to Deploy Multiple Infostealers
A professionally engineered loader called OnionDrop is being used in high-tempo campaigns to deliver multiple infostealers at scale. Between February 28 and May 20, 2026, YARA retro-hunting uncovered more than 645 unique OnionDrop DLL samples, and deliveries remained active at the time of publication. The campaign’s operational footprint and evasion techniques place OnionDrop well above…
-
Hackers Abuse Compromised WordPress Sites to Deliver GULoader Through EtherHiding Chain
In April 2026, incident responders traced a sophisticated intrusion that abused compromised WordPress sites to deliver GULoader via an EtherHiding → ClickFix → UNC-chain. The real-world ClickFix incident produced convergent evidence from an ANY.RUN sandbox detonation and live EDR telemetry, revealing a complete, user-initiated attack path from a WordPress mu-plugin backdoor to a blocked rundll32.exe…
-
China-Linked SprySOCKS Backdoor Expands to Windows with Driver-Based Stealth
Cybersecurity researchers have flagged two previously undocumented Windows variants of what was believed to be a Linux-only backdoor called SprySOCKS. “The Windows variants discovered are internally marked as WIN_DRV and WIN_PLUS,” ESET said in a report shared with The Hacker News. “Both come with a hard-coded C&C [command-and-control] configuration and support communication over TCP, UDP, First…
-
Hackers Abuse Microsoft OAuth Device Code Flow to Take Over Microsoft 365 Accounts
In an active campaign, attackers are abusing Microsoft’s OAuth 2.0 Device Authorization Grant (device code) flow to take over Microsoft 365 accounts. Rather than capturing credentials with a fake login page, the threat actors persuade victims to complete a genuine Microsoft authentication process that, unbeknownst to them, authorizes an attacker-controlled “device.” The result: fully…
-
iRhythm discloses data breach, says hackers stole patient info
Digital healthcare company iRhythm Holdings has disclosed a data breach after hackers stole patients’ personal and health information stored on third-party-hosted business applications. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/irhythm-discloses-data-breach-says-hackers-stole-patient-info/
-
Hackers Use The Quarry PhaaS Ecosystem to Target U.S. Victims With IRS Phishing
A single developer, known online as RockyBelling, has assembled a highly modular PhaaS/MaaS ecosystem that affiliates worldwide use to launch highly targeted IRS and SSA-themed phishing campaigns that predominantly hit U.S. victims. SOCRadar research spanning April 2025 to April 2026 ties almost 200 affiliates to a commercial toolkit that combines sophisticated cloaking, flexible payload options, real-time victim telemetry…
-
PRC-Nexus Hackers Abuse REDCap Servers to Monitor US Medical Research Organizations
A sophisticated, long-running cyberespionage campaign attributed to UNC6508, a People’s Republic of China (PRC)-nexus threat actor, systematically targets North American academic, medical, and military research institutions. The campaign, active since at least September 2023, remained undetected for over a year while the threat actor silently harvested credentials, exfiltrated sensitive communications, and maintained persistent access across victim…
-
Hackers demand two million dollars from Nintendo
Tags: hacker
Hackers claim to have stolen ten years of internal company data from Nintendo. They are demanding a ransom of two million dollars. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/nintendo-zwei-millionen
-
Ten years undetected: hackers manipulate Linux login
The hacker group Velvet Ant backdoored Linux login systems over nearly ten years in order to spy on networks unnoticed. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/manipulierter-linux-login-zehn-jahre
-
Chinese Hackers Abused Google Workspace Rules to Steal Research and Defense Emails
A China-linked espionage group hid inside North American medical, academic, and military research networks for more than a year, quietly stealing sensitive research and defense email. The way in was a backdoor on their REDCap research servers that stole login credentials. The exfiltration was the unusual part: the attackers rewired the victims’ own Google Workspace rules…
-
SimpleHelp bug lets hackers create rogue remote support accounts
A vulnerability in the SimpleHelp remote management software allows unauthenticated attackers to create privileged technician accounts on servers using the OpenID Connect (OIDC) authentication protocol. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/simplehelp-bug-lets-hackers-create-rogue-remote-support-accounts/
-
Chinese hackers breached North American research institutions via REDCap servers
A China-linked cyber espionage operation targeted North American medical research institutions through compromised REDCap servers, using custom malware to gain persistent … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/15/chinese-hackers-redcap-medical-research-institutions-breach/
-
North Korean Hackers Are Turning Developer Tools Into Malware Delivery Channels
Cybersecurity researchers have flagged two malicious cyber campaigns that exhibit similarities with a persistent North Korean threat cluster known as Contagious Interview (aka Famous Chollima, HexagonalRodent, and Void Dokkaebi). According to a report published by Proofpoint, the threat actor has been found orchestrating phishing campaigns using developer role recruitment or code review themes First seen on…
-
Hackers Demand $2M From Nintendo Over Alleged Data Breach
A threat actor claims to have stolen Nintendo data and is demanding $2 million. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/hackers-demand-2m-from-nintendo-over-alleged-data-breach/
-
Chinese hackers breach REDCap servers, steal medical research
A China-linked espionage campaign targeted exposed REDCap servers to deploy the InfiniteRed malware and steal sensitive data from a medical institution in North America. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/chinese-hackers-breach-redcap-servers-steal-medical-research/

