Tag: hacker
-
BreachForums Breached, Exposing 324K Cybercriminals
Massive data dump reveals real identities and details of administrators and members of the notorious hacker forum. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/breachforums-breached-exposing-324k-cybercriminals
-
Russian BlueDelta (Fancy Bear) Uses PDFs to Steal Logins in Just 2 Seconds
New research from Recorded Future reveals how Russian state hackers (BlueDelta) are using fake Microsoft and Google login portals to steal credentials. The campaign involves using legitimate PDF lures from GRC and EcoClimate to trick victims. First seen on hackread.com Jump to article: hackread.com/russian-bluedelta-fancy-bear-pdfs-steal-login/
-
Facebook login thieves now using browserbrowser trick
Hackers over the past six months have relied increasingly more on the browser-in-the-browser (BitB) method to trick users into providing Facebook account credentials. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/facebook-login-thieves-now-using-browser-in-browser-trick/
-
Armenia probes alleged sale of 8 million government records on hacker forum
The dataset, advertised on an underground forum for $2,500, is said to contain about 8 million records linked to official notifications, including communications from police and judicial bodies. First seen on therecord.media Jump to article: therecord.media/armenia-probes-alleged-sale-government-records
-
Target’s dev server offline after hackers claim to steal source code
Hackers are claiming to be selling internal source code belonging to Target Corporation, after publishing what appears to be a sample of stolen code repositories on a public software development platform. After BleepingComputer notified Target, the files were taken offline and the retailer’s developer Git server was inaccessible. First seen on bleepingcomputer.com Jump to article:…
-
Spanish energy giant Endesa discloses data breach affecting customers
Spanish energy provider Endesa and its EnergÃa XXI operator are notifying customers that hackers accessed the company’s systems and accessed contract-related information, which includes personal details. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/spanish-energy-giant-endesa-discloses-data-breach-affecting-customers/
-
Dutch court sentences hacker who used port systems to smuggle cocaine to 7 years
The Amsterdam Court of Appeal ruled Friday that the man played a central technical role in a criminal network that exploited port computer systems in 2020 and 2021, allowing traffickers to move drugs through Europe’s logistics hubs without detection. First seen on therecord.media Jump to article: therecord.media/dutch-court-sentences-hacker-who-smuggled-cocaine-ports
-
ClickFix-Angriffsvariante ConsentFix: So tricksen Hacker Microsoft-Konten aus
Durch diesen Trick erhalten die Angreifer den OAuth-Schlüssel und können eine Verbindung zwischen ihrem eigenen System und dem Microsoft-Konto des Opfers herstellen ohne Passwortdiebstahl oder Umgehung der Multi-Faktor-Authentifizierung. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/clickfix-angriffsvariante-consentfix-so-tricksen-hacker-microsoft-konten-aus/a43332/
-
Salt Typhoon Hackers Hit Congressional Emails in New Breach
Staff Working on China, Intel, Military Oversight Targeted in Espionage Operation. U.S. officials are probing a suspected Chinese cyber campaign tied to Salt Typhoon that breached congressional staff email systems supporting national security committees, exposing sensitive discussions and raising concerns about unclassified federal network defenses. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/salt-typhoon-hackers-hit-congressional-emails-in-new-breach-a-30484
-
How hackers are fighting back against ICE surveillance tech
Remember when government agents didn’t wear masks? First seen on theregister.com Jump to article: www.theregister.com/2026/01/09/hackers_fight_back_against_ice/
-
MAESTRO Toolkit Exploiting VMware VM Escape Vulnerabilities
Cybersecurity researchers from Huntress detail a major VM Escape attack where hackers took over host servers. Using a secret toolkit called MAESTRO, the attackers stayed hidden for over a year. Read the exclusive details on how this breach was stopped and how to protect your network. First seen on hackread.com Jump to article: hackread.com/maestro-toolkit-vmware-vm-escape-vulnerabilities/
-
Hackers target misconfigured proxies to access paid LLM services
Threat actors are systematically hunting for misconfigured proxy servers that could provide access to commercial large language model (LLM) services. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-target-misconfigured-proxies-to-access-paid-llm-services/
-
China-Linked Hackers Exploit VMware ESXi Zero-Days to Escape Virtual Machines
Chinese-speaking threat actors are suspected to have leveraged a compromised SonicWall VPN appliance as an initial access vector to deploy a VMware ESXi exploit that may have been developed as far back as February 2024.Cybersecurity firm Huntress, which observed the activity in December 2025 and stopped it before it could progress to the final stage,…
-
At least $26 million in crypto stolen from Truebit platform as crypto crime landscape evolves
The theft continues a trend from the last two years, when hackers stole billions worth of cryptocurrency from both platforms and asset owners. First seen on therecord.media Jump to article: therecord.media/26-million-in-crypto-stolen-truebit
-
Hacker Behind Wired.com Leak Now Selling Full 40M Condé Nast Records
A hacker claims to be selling nearly 40 million Condé Nast user records after leaking Wired.com data, with multiple major brands allegedly affected. First seen on hackread.com Jump to article: hackread.com/wired-com-hacker-data-leak-conde-nast-records/
-
What Is Penetration Testing: Tools, Process, and Importance
Web applications, databases, sub-domains, DNS configuration, and public_html are some of the online places where you can never allow a hacker in. If they do, sometimes forcefully, a full account takeover is just a matter of time. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/what-is-penetration-testing/
-
What Is Penetration Testing: Tools, Process, and Importance
Web applications, databases, sub-domains, DNS configuration, and public_html are some of the online places where you can never allow a hacker in. If they do, sometimes forcefully, a full account takeover is just a matter of time. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/what-is-penetration-testing/
-
FBI Warns North Korean Hackers Using Malicious QR Codes in Spear-Phishing
The U.S. Federal Bureau of Investigation (FBI) on Thursday released an advisory warning of North Korean state-sponsored threat actors leveraging malicious QR codes in spear-phishing campaigns targeting entities in the country.”As of 2025, Kimsuky actors have targeted think tanks, academic institutions, and both U.S. and foreign government entities with embedded malicious Quick Response (QR) First…
-
BlueDelta Espionage: Russian Hackers Abuse Free Apps to Target Energy Sector
The post BlueDelta Espionage: Russian Hackers Abuse Free Apps to Target Energy Sector appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/bluedelta-espionage-russian-hackers-abuse-free-apps-to-target-energy-sector/
-
Chinese-speaking hackers exploited ESXi zero-days long before disclosure
Chinese-speaking attackers used a hacked SonicWall VPN to deploy ESXi zero-days that were likely exploited over a year before public disclosure. Chinese-speaking attackers were seen abusing a hacked SonicWall VPN to deliver a toolkit targeting VMware ESXi. The exploit chain included a sophisticated VM escape and appears to have been developed more than a year…
-
New China-linked hackers breach telcos using edge device exploits
A sophisticated threat actor that uses Linux-based malware to target telecommunications providers has recently broadened its operations to include organizations in Southeastern Europe. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-china-linked-hackers-breach-telcos-using-edge-device-exploits/
-
FBI warns about Kimsuky hackers using QR codes to phish U.S. orgs
The North Korean state-sponsored hacker group Kimsuki is using malicious QR codes in spearphishing campaigns that target U.S. organizations, the Federal Bureau of Investigation warns in a flash alert. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fbi-warns-about-kimsuky-hackers-using-qr-codes-to-phish-us-orgs/
-
CrowdStrike Acquires SGNL for $740 Million to Thwart AI-Powered Cyber Threats
Tags: ai, credentials, crowdstrike, cyber, cybersecurity, defense, exploit, hacker, identity, intelligence, startup, technology, threatCrowdStrike Inc. said Thursday it will acquire identity security startup SGNL in a deal valued at $740 million the latest move by the cybersecurity giant to fortify its defenses against increasingly sophisticated artificial intelligence (AI)-powered cyberattacks. The acquisition centers on SGNL’s continuous identity technology, designed to prevent hackers from exploiting user credentials as entry.. First…
-
Cryptohack Roundup: Alleged Fraud Kingpin Deported to China
Also: Unleash Protocol Hack, LastPass Breach Linked to Crypto Thefts. This week, an alleged fraud kingpin deported to China, Bitfinex hacker gained early release, Unleash Protocol’s $3.9M hack, TRM tied crypto thefts to the LastPass breach, Trust Wallet’s link to the Sha1-Hulud attack, Flow’s NFT loan fallout, Ledger’s data exposure and Kontigo reimbursements. First seen…