Tag: hacker
-
Chinese Hackers Targeting Cisco Email Gateways
Cisco Talos Attributes Campaign to UAT-9686. Likely Chinese nation-state hackers are exploiting an unpatched flaw in Cisco email appliances as part of an ongoing campaign to gain persistent access. Hackers have been exploiting since mid-November a zero-day in the Cisco Secure Email Gateway and Cisco Secure Email and Web Manager. First seen on govinfosecurity.com Jump…
-
New China-linked hacker group spies on governments in Southeast Asia, Japan
The group, LongNosedGoblin, has been active since at least September 2023 and was uncovered after researchers detected new malware strains inside the network of a Southeast Asian government last year. First seen on therecord.media Jump to article: therecord.media/china-linked-hacker-group-spied-on-asian-govs
-
New China-linked hacker group spies on governments in Southeast Asia, Japan
The group, LongNosedGoblin, has been active since at least September 2023 and was uncovered after researchers detected new malware strains inside the network of a Southeast Asian government last year. First seen on therecord.media Jump to article: therecord.media/china-linked-hacker-group-spied-on-asian-govs
-
University of Sydney suffers data breach exposing student and staff info
Hackers gained access to an online coding repository belonging to the University of Sydney and stole files with personal information of staff and students. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/university-of-sydney-suffers-data-breach-exposing-student-and-staff-info/
-
APT35 Leak Reveals Spreadsheets Containing Domains, Payments, and Server Information
Iranian cyber unit Charming Kitten, officially designated APT35, has long been dismissed as a noisy but relatively unsophisticated threat actor a politically motivated collective known for recycled phishing templates and credential-harvesting pages. Episode 4, the latest intelligence dump, fundamentally rewrites that assessment. What emerges is not a hacker collective but a government department, complete with…
-
Crypto Theft in 2025 Concentrated in Fewer, Larger Breaches
Chainalysis Data Shows Access-Driven Attacks Reshaping Risk. Hackers stole more than $3.4 billion in crypto this year. Losses were driven by a small number of high-impact breaches. Chainalysis data shows how North Korea actors, centralized platforms and expanding retail adoption reshaped where crypto risk accumulated. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/crypto-theft-in-2025-concentrated-in-fewer-larger-breaches-a-30331
-
Der Raspberry-Pi-Weckruf für CISOs
Tags: access, authentication, ceo, ciso, control, cyberattack, dns, firewall, group, hacker, Hardware, infrastructure, linux, monitoring, office, risk, switch, tool, voip, vpnKleines Device, große Wirkung.Mitte Dezember wurde eine Fähre in Besitz der Mediterranean Shipping Company über Stunden in einem französischen Hafen festgesetzt, wie Bloomberg berichtete. Der Grund: Es bestand der Verdacht, dass russische Cyberkriminelle versucht haben, das Netzwerk des Schiffs zu hacken mit einem Raspberry Pi. Dieser war demnach mit einem Mobilfunkmodem gekoppelt, das den Fernzugriff…
-
China-linked hackers exploit insecure setting in Cisco security products
The company urged customers to immediately reconfigure affected products. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisco-china-cyberattacks-asyncos-configuration/808258/
-
Chinese attackers exploiting zero-day to target Cisco email security products
Chinese hackers have been exploiting a vulnerability in a popular Cisco email management tool since late November, the company said in an advisory. First seen on therecord.media Jump to article: therecord.media/chinese-attackers-zero-day
-
Iranian APT ‘Prince of Persia’ Resurfaces With New Tools and Targets
SafeBreach reports the resurgence of the Iranian APT group Prince of Persia (Infy). Discover how these state-sponsored hackers are now using Telegram bots and Thunder and Lightning malware to target victims globally across Europe, India, and Canada. First seen on hackread.com Jump to article: hackread.com/iran-apt-prince-of-persia-resurfaces/
-
Iranian APT ‘Prince of Persia’ Resurfaces With New Tools and Targets
SafeBreach reports the resurgence of the Iranian APT group Prince of Persia (Infy). Discover how these state-sponsored hackers are now using Telegram bots and Thunder and Lightning malware to target victims globally across Europe, India, and Canada. First seen on hackread.com Jump to article: hackread.com/iran-apt-prince-of-persia-resurfaces/
-
Crypto theft in 2025: North Korean hackers continue to dominate
When they strike cryptocurrency-related targets, North Korean hacking groups are increasingly aiming for large services where a single breach can move serious money, a new … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/12/18/crypto-theft-2025-north-korean-domination/
-
Cisco says China-linked hackers exploiting insecure setting in security products
The company urged customers to immediately reconfigure affected products. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisco-china-cyberattacks-asyncos-configuration/808258/
-
Hackers breach internal servers of tech provider for Britain’s health service
In a disclosure to the London Stock Exchange, the the U.K. healthcare IT provider DXS said it discovered a data breach on December 14. First seen on therecord.media Jump to article: therecord.media/uk-nhs-tech-provider-dxs-discloses-hack
-
North Korea-Linked Hackers Steal $2.02 Billion in 2025, Leading Global Crypto Theft
Threat actors with ties to the Democratic People’s Republic of Korea (DPRK or North Korea) have been instrumental in driving a surge in global cryptocurrency theft in 2025, accounting for at least $2.02 billion out of more than $3.4 billion stolen from January through early December.The figure represents a 51% increase year-over-year and $681 million…
-
New BeaverTail Malware Variant Linked to Lazarus Group
A new variant of the BeaverTail malware linked to North Korean hackers has been identified targeting cryptocurrency traders and developers First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/beavertail-variant-linked-lazarus/
-
Backdoors eingeschleust: Chinesische Hacker kapern seit Wochen Cisco-Systeme
Angreifer aus China schleusen über eine Zero-Day-Lücke in Cisco AsyncOS Malware auf anfällige Appliances. Ein Patch ist noch nicht in Sicht. First seen on golem.de Jump to article: www.golem.de/news/ungepatchte-sicherheitsluecke-cisco-systeme-werden-seit-wochen-attackiert-2512-203379.html
-
Chinese Hackers Breach Cisco’s Email Security Systems
The Chinese threat group, tracked as UAT-9686, has deployed a collection of custom-built hacking tools to maintain persistent access to compromised systems. The post Chinese Hackers Breach Cisco’s Email Security Systems appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-cisco-email-security-breach/
-
Chinese Hackers Breach Cisco’s Email Security Systems
The Chinese threat group, tracked as UAT-9686, has deployed a collection of custom-built hacking tools to maintain persistent access to compromised systems. The post Chinese Hackers Breach Cisco’s Email Security Systems appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-cisco-email-security-breach/
-
Geldwäsche für Hacker: Kryptodienst wegen illegaler Aktivitäten vom Netz genommen
Ein 39-jähriger Russe soll über seine Krypto-Börse E-Note für Cyberkriminelle Millionenbeträge gewaschen haben. Damit ist jetzt Schluss. First seen on golem.de Jump to article: www.golem.de/news/geldwaesche-fuer-hacker-kryptodienst-wegen-illegaler-aktivitaeten-vom-netz-genommen-2512-203390.html
-
Ungepatchte Sicherheitslücke: Chinesische Hacker kapern seit Wochen Cisco-Systeme
Angreifer aus China schleusen über eine Zero-Day-Lücke in Cisco AsyncOS Malware auf anfällige Appliances. Ein Patch ist noch nicht in Sicht. First seen on golem.de Jump to article: www.golem.de/news/ungepatchte-sicherheitsluecke-cisco-systeme-werden-seit-wochen-attackiert-2512-203379.html
-
Hackers Actively Exploit SonicWall SMA1000 Zero-Day to Escalate Privileges
SonicWall has issued an urgent security advisory warning of active exploitation of a local privilege escalation vulnerability affecting its SMA1000 appliances. The flaw, tracked as CVE-2025-40602, enables attackers with management console access to gain elevated privileges and potentially achieve complete system control. The vulnerability stems from insufficient authorization checks in the SonicWall SMA1000 Appliance Management…
-
Critical Apache Commons Text Flaw Lets Hackers Execute Remote Code
A critical remote code execution vulnerability has been discovered in Apache Commons Text, affecting all versions prior to 1.10.0. The flaw, tracked as CVE-2025-46295, poses a significant security risk to organizations relying on the widely-used Java library for text manipulation and processing. The vulnerability resides in Apache Commons Text’s interpolation features, which are designed to…
-
Critical Apache Commons Text Flaw Lets Hackers Execute Remote Code
A critical remote code execution vulnerability has been discovered in Apache Commons Text, affecting all versions prior to 1.10.0. The flaw, tracked as CVE-2025-46295, poses a significant security risk to organizations relying on the widely-used Java library for text manipulation and processing. The vulnerability resides in Apache Commons Text’s interpolation features, which are designed to…
-
Critical Node.js Library Flaw Lets Hackers Execute Remote Commands on Windows
A severe command injection vulnerability has been discovered in systeminformation, a widely-used Node.js library for retrieving system information. The flaw, tracked as CVE-2025-68154, allows attackers to execute arbitrary commands on Windows systems when applications pass user input to the vulnerable function. The vulnerability exists in the fsSize() function, which retrieves disk space information but fails…
-
Hackers Actively Target Cisco and Palo Alto VPN Gateways to Steal Login Credentials
Tags: attack, authentication, breach, cisco, credentials, cyber, cybersecurity, exploit, hacker, login, network, service, vpnCybersecurity researchers at GreyNoise have identified a large-scale, coordinated campaign targeting enterprise VPN authentication systems. The attackers are systematically attempting to breach Cisco SSL VPN and Palo Alto Networks GlobalProtect services through credential-based attacks rather than exploiting specific vulnerabilities. The campaign activity was observed during mid-December across a concentrated two-day period, revealing a sophisticated approach…
-
France Arrests 22 Year Old After Hack of Interior Ministry Systems
France confirms a cyberattack on its Interior Ministry as a 22-year-old is arrested. Hacker claims access to police, tax, and criminal record systems. First seen on hackread.com Jump to article: hackread.com/france-arrests-hacker-interior-ministry-systems/
-
France Arrests 22 Year Old After Hack of Interior Ministry Systems
France confirms a cyberattack on its Interior Ministry as a 22-year-old is arrested. Hacker claims access to police, tax, and criminal record systems. First seen on hackread.com Jump to article: hackread.com/france-arrests-hacker-interior-ministry-systems/
-
Hackers Can Seize Control of Car Dashboards Through Modem Vulnerabilities
Imagine cruising down the highway in your brand-new electric car when suddenly the multimedia display fills with Doom, the iconic 3D shooter game completely replacing your navigation map and vehicle controls. Shockingly, this isn’t science fiction. Security researchers have demonstrated that this scenario is entirely possible in today’s connected vehicles, exposing a critical vulnerability in…
-
Chinese Hackers Turn Compromised Servers Into ShadowPad Nodes
A sophisticated Chinese threat actor tracked as Ink Dragon has been weaponizing a custom ShadowPad IIS Listener module to convert compromised servers into distributed relay nodes, according to research by Check Point Research. The tactic represents a significant escalation in the group’s operational capabilities, enabling attackers to establish persistent, multi-layered command-and-control infrastructure that spans victim…