Tag: hacker
-
Hackers Used Snappybee Malware and Citrix Flaw to Breach European Telecom Network
A European telecommunications organization is said to have been targeted by a threat actor that aligns with a China-nexus cyber espionage group known as Salt Typhoon. The organization, per Darktrace, was targeted in the first week of July 2025, with the attackers exploiting a Citrix NetScaler Gateway appliance to obtain initial access. Salt Typhoon, also known as…
-
Google Identifies Three New Russian Malware Families Created by COLDRIVER Hackers
A new malware attributed to the Russia-linked hacking group known as COLDRIVER has undergone numerous developmental iterations since May 2025, suggesting an increased “operations tempo” from the threat actor.The findings come from Google Threat Intelligence Group (GTIG), which said the state-sponsored hacking crew has rapidly refined and retooled its malware arsenal merely five days following…
-
Russian Lynx group leaks sensitive UK MoD files, including info on eight military bases
Russian hackers stole and leaked MoD files on eight RAF and Navy bases, exposing staff data in a “catastrophic” cyberattack via Dodd Group breach. Russian cybercrime group Lynx breached Dodd Group, a contractor for the UK Ministry of Defence, stealing and leaking hundreds of sensitive files on eight RAF and Royal Navy bases. The incident…
-
Salt Typhoon Targets European Telecom
Attack Began With Citrix NetScaler Gateway Compromise, Darktrace Said. The Chinese cyberespionage hackers commonly tracked as Salt Typhoon haven’t stopped their campaign against global telecoms, says managed threat detection firm Darktrace. The group has made telecoms and other digital infrastructure a primary target. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/salt-typhoon-targets-european-telecom-a-29766
-
UK Ministry of Defense Probes Military Contractor Data Leak
Ransomware Group Lynx Reportedly Stole 4TB of Data. The U.K. Ministry of Defense is investigating an apparent data breach by Russian-speaking ransomware hackers of a building facilities contractor with ties to the military. The Lynx ransomware group posted on its darkweb site samples of what it says is 4 terabytes of data stolen from the…
-
China-linked Salt Typhoon hackers attempt to infiltrate European telco
Salt Typhoon, the China-linked APT group that has a penchant for targeting telecommunications companies, has been spotted trying to sneak into yet another one. The intrusion … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/20/salt-typhoon-apt-telecommunications-europe/
-
WatchGuard VPN Flaw Gives Hackers Full Firewall Control
A severe vulnerability in Fireware allows remote attackers to run arbitrary code without authentication, effectively transforming a trusted security device into a potential entry point for exploitation. The post WatchGuard VPN Flaw Gives Hackers Full Firewall Control appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-watchguard-vpn-flaw/
-
Hackers Sell Geiger Data on the Darknet
The ransomware gang Rhysida is allegedly auctioning stolen data from the German mechanical engineering company Geiger on the darknet. On October 17, the ransomware group Rhysida added the German machine builder Geiger to its victim list on the darknet. The hackers are offering allegedly stolen company data for sale there. The perpetrators give no further information on the scope and nature of the data. The demanded…
-
Suspected Chinese Hackers Spent a Year-Plus Inside F5 Systems: Report
The suspected Chinese-backed threat actors that hacked into F5’s systems and stole data from the security vendor’s BIG-IP application suite spent more than a year inside the networks before being detected in August, according to a Bloomberg report that cited unnamed sources familiar with the investigation. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/suspected-chinese-hackers-spent-a-year-plus-inside-f5-systems-report/
-
Hundreds of masked ICE agents doxxed by hackers, as personal details posted on Telegram
Hundreds of US government officials working for the FBI, ICE, and Department of Justice have had their personal data leaked by a notorious hacking group. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/hundreds-masked-ice-agents-doxxed-hackers-personal-details-posted-telegram
-
Foreign hackers breached a US nuclear weapons plant via SharePoint flaws
Tags: access, attack, authentication, breach, china, control, corporate, cve, cyber, cybercrime, cybersecurity, data, defense, exploit, flaw, framework, government, group, hacker, identity, infrastructure, intelligence, Intruder, korea, microsoft, monitoring, network, ransomware, reverse-engineering, risk, russia, supply-chain, tactics, technology, theft, threat, vulnerability, zero-day, zero-trust
China or Russia? Conflicting attribution: Microsoft attributed the broader wave of SharePoint exploitations to three Chinese-linked groups: Linen Typhoon, Violet Typhoon, and a third actor it tracks as Storm-2603. The company said the attackers were preparing to deploy Warlock ransomware across affected systems. However, the source familiar with the Kansas City incident tells CSO that a…
-
F5 Source Code Stolen: Security Solutions Vendor Targeted by State Hackers
Tags: hacker
First seen on t3n.de Jump to article: t3n.de/news/quellcode-von-f5-gestohlen-anbieter-von-sicherheitsloesungen-im-visier-staatlicher-hacker-1712556/
-
Security Affairs newsletter Round 546 by Pierluigi Paganini INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Winos 4.0 hackers expand to Japan and Malaysia with new malware From Airport chaos to cyber…
-
Internet Connection: Millions of Balcony Solar Systems as a Gateway for Hackers
1.17 million balcony solar systems in Germany are online, and therefore vulnerable. A security expert has found several security vulnerabilities. First seen on golem.de Jump to article: www.golem.de/news/internetanschluss-millionen-balkonkraftwerke-als-einfallstor-fuer-hacker-2510-201321.html
-
North Korea Bets on Blockchain: State Hackers Use "EtherHiding"
The Google Threat Intelligence Group has documented a novel attack method used by North Korean hackers. For the first time, a state-sponsored group is using decentralized blockchains to conceal malware commands, a technique that can hardly be stopped. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/nordkorea-setzt-auf-blockchain-staatshacker-nutzen-etherhiding
-
Winos 4.0 hackers expand to Japan and Malaysia with new malware
Winos 4.0 hackers expand from China, Taiwan to Japan, Malaysia using fake Finance Ministry PDFs to spread HoldingHands RAT malware. Threat actors behind Winos 4.0 (ValleyRAT) have expanded their attacks from China and Taiwan to Japan and Malaysia, using PDFs disguised as documents from the Finance Ministry to deliver malware. Attackers employed another remote access…
-
Pro-Russian Hackers: Cyberattack Paralyzes Procurement Portal for Days
Pro-Russian hackers attacked the procurement portal, blocking access to thousands of public tenders. First seen on golem.de Jump to article: www.golem.de/news/prorussische-hacker-cyberangriff-legt-vergabeportal-des-bundes-tagelang-lahm-2510-201168.html
-
Hackers Dox ICE, DHS, DOJ, and FBI Officials
Plus: A secret FBI anti-ransomware task force gets exposed, the mystery of the CIA’s Kryptos sculpture is finally solved, North Koreans busted hiding malware in the Ethereum blockchain, and more. First seen on wired.com Jump to article: www.wired.com/story/security-news-this-week-hackers-dox-ice-dhs-doj-and-fbi-officials/
-
US Scrambles to Patch F5 Amid China-Linked Breach
Concerns Grow Over F5 Hacking Amid Stalled Government Shutdown. Federal officials are scrambling to contain nation-state hackers exploiting stolen source code from networking devices and software maker F5 amid staffing pressures created by the ongoing government shutdown. Stolen files reportedly include undisclosed vulnerabilities F5 had been researching. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/us-scrambles-to-patch-f5-amid-china-linked-breach-a-29759
-
Cross-Border Phishing Attacks Spread Across Asia
Attacks Move From China to Malaysia Using Phishing PDFs. Seemingly unrelated attacks targeting Chinese speakers throughout the Asia-Pacific region with a remote access trojan trace back to the same threat actor, say researchers. Hackers’ most likely motivation is regional intelligence collection. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/cross-border-phishing-attacks-spreads-across-asia-a-29758
-
Cybersecurity Snapshot: F5 Breach Prompts Urgent U.S. Gov’t Warning, as OpenAI Details Disrupted ChatGPT Abuses
Tags: ai, attack, awareness, backdoor, breach, business, chatgpt, china, cisa, cloud, control, corporate, cve, cyber, cybersecurity, data, data-breach, defense, detection, exploit, framework, fraud, governance, government, group, hacker, incident, infrastructure, Internet, iran, law, LLM, malicious, malware, mitigation, monitoring, network, openai, organized, phishing, privacy, resilience, risk, russia, scam, security-incident, service, software, strategy, supply-chain, technology, threat, training, update, vulnerability
F5’s breach triggers a CISA emergency directive, as Tenable calls it “a five-alarm fire” that requires urgent action. Meanwhile, OpenAI details how attackers try to misuse ChatGPT. Plus, boards are increasing AI and cyber disclosures. And much more! Key takeaways: A critical breach at cybersecurity firm F5, attributed to a nation-state, has triggered an urgent…
-
Prosper Market Data Breach Affects 17.6M Individuals
Breach Notification Service Details Peer-to-Peer Lending Marketplace Victim Count. Hackers appear to have stolen personal information pertaining to more than 17 million individuals from peer-to-peer lending marketplace Prosper, including Social Security numbers, contact information and some income and financial details, says the Have I Been Pwned breach notification service. First seen on govinfosecurity.com Jump to…
-
F5 supply chain hack endangers more than 600,000 internet-connected devices
The enterprise device vendor has patched several vulnerabilities that hackers discovered after breaching its networks. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/f5-supply-chain-hack-internet-connected-devices-stats/803108/
-
North Korean Hackers Use Blockchain to Hide Crypto-Stealing Malware
North Korean hackers are using blockchain smart contracts to hide malware and steal cryptocurrency. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/north-korean-hackers-use-blockchain-to-hide-crypto-stealing-malware/
-
F5 supply-chain hack endangers more than 600,000 internet-connected devices
The enterprise device vendor has patched several vulnerabilities that hackers discovered after breaching its networks. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/f5-supply-chain-hack-internet-connected-devices-stats/803108/
-
John Bolton indictment says suspected Iranian hackers accessed his emails, issued threats
The indictment of the former national security adviser is the latest against President Donald Trump’s political enemies. First seen on cyberscoop.com Jump to article: cyberscoop.com/john-bolton-indictment-says-suspected-iranian-hackers-accessed-his-emails-issued-threats/

