Tag: hacker
-
Crypto-Funded Chinese Peptide Labs Are Booming
Plus: Hackers use Meta’s AI bots to hack Instagram accounts, Anthropic helps NSA hackers, a decades-long GPS satellite mystery may have been solved, and more. First seen on wired.com Jump to article: www.wired.com/story/security-news-this-week-crypto-funded-chinese-peptide-labs-are-booming/
-
Underground forum tutorial simplifies vulnerability exploitation for novice hackers
First seen on scworld.com Jump to article: www.scworld.com/brief/underground-forum-tutorial-simplifies-vulnerability-exploitation-for-novice-hackers
-
US agencies warn of hackers targeting fuel tank monitoring systems
First seen on scworld.com Jump to article: www.scworld.com/brief/us-agencies-warn-of-hackers-targeting-fuel-tank-monitoring-systems
-
Pro-Russian hacker group launches ‘Patriotic Online Games’ campaign targeting European organizations
First seen on scworld.com Jump to article: www.scworld.com/brief/pro-russian-hacker-group-launches-patriotic-online-games-campaign-targeting-european-organizations
-
Hackers actively exploit SolarWinds Serv-U flaw to crash servers, CISA warns
First seen on scworld.com Jump to article: www.scworld.com/brief/hackers-actively-exploit-solarwinds-serv-u-flaw-to-crash-servers-cisa-warns
-
MSSPs don’t need more scans. They need Hacker Score.
First seen on scworld.com Jump to article: www.scworld.com/news/socradars-hacker-score-lets-mssps-quickly-assess-a-clients-cyber-risk
-
Hackers now exploit SolarWinds Serv-U flaw to crash servers
CISA warned today that hackers are now actively exploiting a recently patched high-severity SolarWinds Serv-U flaw to crash servers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-hackers-now-exploit-solarwinds-serv-u-flaw-to-crash-servers/
-
New CISA Warning: Hackers Are Targeting Fuel Tank Monitoring Systems
CISA warns attackers are targeting internet-exposed Automatic Tank Gauge systems used in fuel storage. Here’s what operators should fix now. The post New CISA Warning: Hackers Are Targeting Fuel Tank Monitoring Systems appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-cisa-atg-systems-fuel-storage-cyberattacks/
-
Hackers Weaponize Trusted Tools to Deploy Notorious Malware
Attackers are leaning harder on legitimate, preinstalled, or widely used system tools to deliver and operate notorious malware families, creating a stealthy, high-velocity threat that outpaces many traditional defenses. The operational logic for attackers is straightforward. Native utilities such as PowerShell, Windows Management Instrumentation (WMI), certutil, mshta, and JavaScript execution contexts already enjoy elevated privileges…
-
AI is helping low-skill hackers pull off advanced cyberattacks
Anthropic has published an analysis of cyber-related misuse of its AI systems, examining 832 accounts that were banned for malicious cyber activity between March 2025 and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/05/anthropic-ai-cyber-activity-analysis/
-
Hackers Exploit Critical Everest Forms Pro WordPress Plugin Flaw to Take Over Sites
Threat actors are actively exploiting a critical security flaw in Everest Forms Pro, a WordPress plugin with about 4,000 active installations, to execute arbitrary code, leading to a complete site compromise.The vulnerability in question is CVE-2026-3300 (CVSS score: 9.8), a remote code execution bug impacting all versions of the plugin up to, and including, 1.9.12.…
-
Hackers Exploit Critical Everest Forms Pro WordPress Plugin Flaw to Take Over Sites
Threat actors are actively exploiting a critical security flaw in Everest Forms Pro, a WordPress plugin with about 4,000 active installations, to execute arbitrary code, leading to a complete site compromise.The vulnerability in question is CVE-2026-3300 (CVSS score: 9.8), a remote code execution bug impacting all versions of the plugin up to, and including, 1.9.12.…
-
Angst vor Russland: Hacker entschuldigen sich bei attackierter Firma
Ein Cyberakteur entpuppt sich als Ransomware-Trottel des Tages. Er hat ein Ziel attackiert, das ihm wirklich Probleme bereiten kann. First seen on golem.de Jump to article: www.golem.de/news/angst-vor-russland-hacker-entschuldigen-sich-bei-attackierter-firma-2606-209426.html
-
Dashlane Reveals How Hackers Downloaded Encrypted Password Vaults
Dashlane has disclosed the findings of a recent security investigation, confirming that a limited number of users were impacted by a targeted brute-force attack against its device registration system. The company emphasized that its internal infrastructure was not breached and that no evidence suggests a broader compromise beyond a small subset of accounts. Device Registration…
-
Meta’s own AI chatbot to blame for Instagram accounts being stolen in seconds
Hackers have been hijacking Instagram accounts at scale by exploiting Meta’s AI support chatbot. And, as if that weren’t bad enough, the technique required no technical skill whatsoever. First seen on fortra.com Jump to article: www.fortra.com/blog/metas-own-ai-chatbot-blame-instagram-accounts-being-stolen-seconds
-
Russia seeks to label two anti-Kremlin hacker groups as ‘extremist’
The groups have previously claimed responsibility for cyberattacks targeting critical infrastructure and government institutions in Russia and Belarus. First seen on therecord.media Jump to article: therecord.media/russia-seeks-extremist-label-for-hacker-groups
-
iFood Confirms Data Breach Affecting 1.2 Million Users in Brazil
iFood confirms a data breach affecting 1.2 million customers in Brazil, while hackers on BreachForums claim the actual theft is much larger. First seen on hackread.com Jump to article: hackread.com/ifood-confirms-data-breach-brazil-users/
-
CISA Urges OT Operators to Plan for Worst Case Scenarios
Does No Internet Also Mean No Water or Lights?. The latest initiative from the U.S. cyber defense agency aimed at operational technology operators is a little bit different. It’s not advice about how to keep hackers out. It’s not really about cybersecurity at all. CI Fortify is about what to do when cybersecurity fails. First…
-
ThreatsDay Bulletin: AI Agents Gone Wrong, Sketchy C2 Tools, ClickFix Tricks, JS Backdoors & 20+ New Stories
It got stupid again.The internet still feels held together with tape. Bad plugins, old bugs, fake tools, trusted apps doing shady things. Same mess, new wrapper. And now the weird stuff is normal. Forums go down and come back worse. Cheap hackers get better toys. AI starts breaking real systems. Great.Read the whole thing before…
-
Hackers Are After the Gaps in Your Vulnerability Program: Here’s Their Playbook
Threat actors are actively teaching newcomers how to find, exploit, and profit from vulnerable systems. Flare explores what a popular underground hacking tutorial reveals about modern attacker workflows. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-are-after-the-gaps-in-your-vulnerability-program-heres-their-playbook/
-
Fake Ghidra, dnSpy SpiderFoot Sites Used to Spread Malware
Hackers are abusing search results and professional-looking fake download portals to distribute malware by impersonating popular security tools like Ghidra, dnSpy, and SpiderFoot. These sites capture users’ first click on a “Download” button and silently hand it to a traffic distribution system (TDS) that can route victims to infostealers, clippers, and a sophisticated loader framework…
-
Malicious Ads Target macOS Users with FlutterShell Backdoor
Hackers are leveraging large-scale malvertising campaigns to distribute a newly identified macOS backdoor dubbed FlutterShell, marking a significant evolution in financially motivated adware operations. Security researchers tracking the activity attribute it to a broader cluster known as CL-CRI-1089 and have named the ongoing campaign Operation FlutterBridge. The campaign builds on earlier activity linked to the…
-
Fake Claude Code Installer Spreads Fileless .NET Infostealer
Hackers are actively abusing interest in AI development tools by launching a sophisticated SEO poisoning campaign that impersonates Anthropic’s Claude Code installation flow to deliver a fully fileless .NET infostealer, according to researchers at Howler Cell. The campaign targets users searching for “Claude Code install,” placing a malicious lookalike page at the top of search…
-
Hackers Spied on a Stock Exchange Executive’s Outlook Mailbox for Five Months
Unknown attackers spent at least five months inside the Outlook mailbox of a senior executive at a major global stock exchange, copying the inbox out in small, repeated batches and routing it through Dropbox and OneDrive so the traffic blended into normal cloud activity.Symantec and Carbon Black’s Threat Hunter Team reported the campaign this week.…
-
Fake Chrome Web Store Copyright Alerts Used to Steal Google Logins
Hackers are actively targeting Chrome extension developers with a sophisticated phishing campaign that impersonates official Chrome Web Store copyright enforcement notices, aiming to steal Google account credentials and potentially compromise widely used browser extensions. Victims are told they have 48 hours to respond or risk permanent removal. The message appears highly personalized and directs users…
-
Hackers Exploit Google Gemini Flaw Using Malicious Messages from WhatsApp, Slack, and SMS
Hackers are exploiting a newly discovered flaw in Google’s Gemini voice assistant by sending malicious messages via popular platforms such as WhatsApp, Slack, Signal, Instagram, Messenger, and SMS. The vulnerability, uncovered by SafeBreach Labs, shows how attackers can secretly inject instructions into Gemini’s conversation context via instant message notifications. This lets them manipulate the assistant…
-
Spanish hacker Alcasec sentenced to prison for stealing banking details
First seen on scworld.com Jump to article: www.scworld.com/brief/spanish-hacker-alcasec-sentenced-to-prison-for-stealing-banking-details
-
Chinese hackers use new Atlas RAT malware in European cyberattacks
A Chinese-speaking cybercrime group has expanded its targeting to the European space, deploying previously undocumented malware and the Atlas backdoor. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/chinese-hackers-use-new-atlas-rat-malware-in-european-cyberattacks/
-
CISA warns of cyberattacks targeting fuel tank monitoring systems
CISA, the FBI, the NSA, the Department of Energy, and other US government partners are warning that hackers are targeting internet-exposed automatic tank gauge (ATG) systems used to monitor fuel and liquid storage tanks across various critical infrastructure sectors. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-warns-of-cyberattacks-targeting-fuel-tank-monitoring-systems/
-
Ultrahuman says hackers accessed customers’ wellness data via internal tool
The breach at wearable ring maker Ultrahuman stemmed from credentials stolen from a malware-infected employee laptop. First seen on techcrunch.com Jump to article: techcrunch.com/2026/06/03/ultrahuman-says-hackers-accessed-customers-wellness-data-via-internal-tool/