Tag: hacker
-
Pwn2Own Day 2: Hackers exploit 22 zero-days for $267.500
Security researchers collected $267,500 in cash after exploiting 22 unique zero-day vulnerabilities during the second day of the Pwn2Own Ireland 2025 hacking competition. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/samsung-galaxy-s25-hacked-on-day-two-of-pwn2own-ireland-2025/
-
Hackers earn $1,024,750 for 73 zero-days at Pwn2Own Ireland
The Pwn2Own Ireland 2025 hacking competition has ended with security researchers collecting $1,024,750 in cash awards after exploiting 73 zero-day vulnerabilities. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-earn-1-024-750-for-73-zero-days-at-pwn2own-ireland/
-
Nordkoreanische Hacker zielen auf europäische Drohnenhersteller
Tags: hackerForscher des europäischen IT-Sicherheitsunternehmens ESET haben eine umfangreiche Cyberkampagne aufgedeckt, bei der nordkoreanische Angreifer gezielt europäische Unternehmen aus der Drohnenindustrie ins Visier nehmen. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/nordkoreanische-hacker-europaeische-drohnen
-
Nordkoreanische Hacker zielen auf europäische Drohnenhersteller
Tags: hackerForscher des europäischen IT-Sicherheitsunternehmens ESET haben eine umfangreiche Cyberkampagne aufgedeckt, bei der nordkoreanische Angreifer gezielt europäische Unternehmen aus der Drohnenindustrie ins Visier nehmen. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/nordkoreanische-hacker-europaeische-drohnen
-
Hackers Exploit Galaxy S25 0-Day to Turn On Camera and Track Users
A critical zero-day vulnerability in Samsung’s flagship Galaxy S25 smartphone was successfully exploited at Pwn2Own Ireland 2025, demonstrating how attackers could silently activate the device’s camera and track a user’s real-time location. Security researchers Ben R. and Georgi G. from Interrupt Labs revealed the sophisticated exploit during the competition’s final day, earning $50,000 in prize…
-
Hackers Exploit Galaxy S25 0-Day to Turn On Camera and Track Users
A critical zero-day vulnerability in Samsung’s flagship Galaxy S25 smartphone was successfully exploited at Pwn2Own Ireland 2025, demonstrating how attackers could silently activate the device’s camera and track a user’s real-time location. Security researchers Ben R. and Georgi G. from Interrupt Labs revealed the sophisticated exploit during the competition’s final day, earning $50,000 in prize…
-
Industrie und Gesundheitswesen im Visier der Hacker – Cyberangriffe auf OT-Systeme gefährden Produktion und Patienten
First seen on security-insider.de Jump to article: www.security-insider.de/cyberangriffe-ot-systeme-industrie-healthcare-a-e2628f565b1f58fcc78a1e8f7dba8149/
-
Nordkoreanische Hacker zielen auf europäische Drohnenhersteller
Tags: hackerForscher des europäischen IT-Sicherheitsunternehmens ESET haben eine umfangreiche Cyberkampagne aufgedeckt, bei der nordkoreanische Angreifer gezielt europäische Unternehmen aus der Drohnenindustrie ins Visier nehmen. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/nordkoreanische-hacker-europaeische-drohnen
-
AI browsers can be abused by malicious AI sidebar extensions: Report
‘Dumpster fires’: David Shipley, head of Canadian employee security awareness training firm Beauceron Security, agrees.”I think if CISOs are bored and want to spice up their lives with an incident, they should roll out these AI-powered hot messes to their users,” he said .”But, if they’re like most CISOs and they have lots of problems,…
-
Lazarus targets European defense firms in UAV-themed Operation DreamJob
North Korean Lazarus hackers targeted 3 European defense firms via Operation DreamJob, using fake recruitment lures to hit UAV tech staff. North Korea-linked Lazarus APT group (aka Hidden Cobra) launched Operation DreamJob, compromising three European defense companies. Threat actors used fake recruiter profiles to lure employees into UAV technology roles, aiming to gain access to…
-
CISA warns of Lanscope Endpoint Manager flaw exploited in attacks
The Cybersecurity & Infrastructure Security Agency (CISA) is warning that hackers are exploiting a critical vulnerability in the Motex Landscope Endpoint Manager. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-warns-of-lanscope-endpoint-manager-flaw-exploited-in-attacks/
-
Hackers posing as Kyrgyz officials target Russian agencies in cyber espionage campaign
A hacker group known as Cavalry Werewolf has launched a months-long cyber espionage campaign targeting Russia’s public sector as well as energy, mining and manufacturing companies. First seen on therecord.media Jump to article: therecord.media/hackers-pose-kyrgyz-officials-russia-cyber-espionage
-
North Korean Hackers Lure Defense Engineers With Fake Jobs to Steal Drone Secrets
Threat actors with ties to North Korea have been attributed to a new wave of attacks targeting European companies active in the defense industry as part of a long-running campaign known as Operation Dream Job.”Some of these [companies’ are heavily involved in the unmanned aerial vehicle (UAV) sector, suggesting that the operation may be linked…
-
Pakistani-Linked Hacker Group Targets Indian Government
A cyber-espionage campaign by Pakistan’s TransparentTribe has been identified, targeting Indian government systems using DeskRAT First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/pakistani-hacker-group-targets/
-
North Korean Lazarus hackers targeted European defense companies
North Korean Lazarus hackers compromised three European companies in the defense sector through a coordinated Operation DreamJob campaign leveraging fake recruitment lures. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/north-korean-lazarus-hackers-targeted-european-defense-companies/
-
North Korean Lazarus hackers targeted European defense companies
North Korean Lazarus hackers compromised three European companies in the defense sector through a coordinated Operation DreamJob campaign leveraging fake recruitment lures. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/north-korean-lazarus-hackers-targeted-european-defense-companies/
-
Russian Hackers Pivot Fast With New “ROBOT” Malware Chain
Russian hackers launched a new “ROBOT” malware chain after LOSTKEYS was exposed. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/russian-hackers-pivot-fast-with-new-robot-malware-chain/
-
Jingle Thief Hackers Exploit the Festive Season with Weaponized Gift Card Scams
Tags: credentials, cyber, cybersecurity, exploit, finance, fraud, hacker, scam, service, theft, threat, vulnerabilityCybersecurity researchers have uncovered a sophisticated campaign targeting global retail and consumer services organizations through credential theft and gift card fraud. Dubbed >>Jingle Thief,
-
Jingle Thief Hackers Exploit the Festive Season with Weaponized Gift Card Scams
Tags: credentials, cyber, cybersecurity, exploit, finance, fraud, hacker, scam, service, theft, threat, vulnerabilityCybersecurity researchers have uncovered a sophisticated campaign targeting global retail and consumer services organizations through credential theft and gift card fraud. Dubbed >>Jingle Thief,
-
Over 250 attacks hit Adobe Commerce and Magento via critical CVE-2025-54236 flaw
Hackers exploit CVE-2025-54236 in Adobe Commerce and Magento to hijack accounts via REST API. Over 250 attacks in 24 hours. E-commerce security company Sansec researchers warn that threat actors are exploiting a critical flaw in Adobe Commerce and Magento, tracked as CVE-2025-54236 (CVSS 9.1), to hijack customer accounts via the REST API. The experts observed…
-
Over 250 attacks hit Adobe Commerce and Magento via critical CVE-2025-54236 flaw
Hackers exploit CVE-2025-54236 in Adobe Commerce and Magento to hijack accounts via REST API. Over 250 attacks in 24 hours. E-commerce security company Sansec researchers warn that threat actors are exploiting a critical flaw in Adobe Commerce and Magento, tracked as CVE-2025-54236 (CVSS 9.1), to hijack customer accounts via the REST API. The experts observed…
-
“Jingle Thief” Hackers Exploit Cloud Infrastructure to Steal Millions in Gift Cards
Tags: cloud, credentials, cybercrime, cybersecurity, exploit, group, hacker, infrastructure, network, phishing, service, smishingCybersecurity researchers have shed light on a cybercriminal group called Jingle Thief that has been observed targeting cloud environments associated with organizations in the retail and consumer services sectors for gift card fraud.”Jingle Thief attackers use phishing and smishing to steal credentials, to compromise organizations that issue gift cards,” Palo Alto Networks Unit 42 researchers…
-
Over 250 Magento Stores Hit Overnight as Hackers Exploit New Adobe Commerce Flaw
E-commerce security company Sansec has warned that threat actors have begun to exploit a recently disclosed security vulnerability in Adobe Commerce and Magento Open Source platforms, with more than 250 attack attempts recorded against multiple stores over the past 24 hours.The vulnerability in question is CVE-2025-54236 (CVSS score: 9.1), a critical improper input validation flaw…
-
Mideast, African Hackers Target Gov’ts, Banks, Small Retailers
In the hotly political Middle East, you’d expect hacktivism and disruption of services. But retail attacks? First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-analytics/mea-hackers-govts-finance-smb-retailers
-
Click, Call, Compromise: Hackers Continue to Evolve Tactics
Microsoft Says Hackers Pivoting to Identity Compromise. Hackers are as likely to log in as break in, warns Microsoft in an annual assessment of cyberthreats. During the first half of 2025, identity-based attacks rose by 32% due to credentials stolen by infostealers or password and email combinations plucked from bulk data breaches. First seen on…
-
Iranian hackers targeted over 100 govt orgs with Phoenix backdoor
State-sponsored Iranian hacker group MuddyWater has targeted more than 100 government entities in attacks that deployed version 4 of the Phoenix backdoor. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/iranian-hackers-targeted-over-100-govt-orgs-with-phoenix-backdoor/
-
Hackers exploiting critical “SessionReaper” flaw in Adobe Magento
Hackers are actively exploiting the critical SessionReaper vulnerability (CVE-2025-54236) in Adobe Commerce (formerly Magento) platforms, with hundreds of attempts recorded. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-exploiting-critical-sessionreaper-flaw-in-adobe-magento/
-
Pwn2Own Day 2: Hackers exploit 56 zero-days for $790,000
Security researchers collected $792,750 in cash after exploiting 56 unique zero-day vulnerabilities during the second day of the Pwn2Own Ireland 2025 hacking competition. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/samsung-galaxy-s25-hacked-on-day-two-of-pwn2own-ireland-2025/

