Tag: hacker
-
Hackers Use Spearphishing to Deploy AZUREVEIL Adaptix C2 Agent
Hackers are actively deploying a sophisticated malware framework dubbed AZUREVEIL, an Adaptix-based command-and-control (C2) agent, through a targeted spearphishing campaign aimed at government and enterprise sectors in the Czech Republic and Taiwan. The attack begins with a malicious ZIP archive delivered via spearphishing emails. The archive contains files disguised as official documents, including a shortcut file…
-
Meta’s AI Bot Misused by Hackers to Take Over Instagram Accounts
Attackers have exploited a critical vulnerability in Meta’s AI-powered Instagram support chatbot to hijack user accounts without needing passwords, phishing, or malware. Instead of bypassing security through technical exploits, hackers simply manipulated the chatbot via natural-language requests. Meta’s AI Bot Misused by Hackers The flaw allowed attackers to bypass two-factor authentication (2FA) effectively. By interacting…
-
Hackers hijack thousands of sites for ClickFix and FakeUpdate attacks
A threat actor tracked as DriveSurge has been operating large-scale malware distribution campaigns using ClickFix and FakeUpdates techniques on compromised sites. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-hijack-thousands-of-sites-for-clickfix-and-fakeupdate-attacks/
-
Hackers duped Meta AI support chatbot to steal celebrity Instagram accounts
Pricey Instagram handles were stolen and resold before Meta patched the exploit. First seen on arstechnica.com Jump to article: arstechnica.com/ai/2026/06/meta-ai-support-chatbot-gave-hackers-access-to-notable-instagram-accounts/
-
Hackers hijacked Instagram accounts by tricking Meta AI support chatbot into granting access
Several users on social media reported having their Instagram accounts hacked over the weekend. Meta’s own support chatbot was blamed for allowing hackers to hijack accounts. First seen on techcrunch.com Jump to article: techcrunch.com/2026/06/01/hackers-hijacked-instagram-accounts-by-tricking-meta-ai-support-chatbot-into-granting-access/
-
Grand Theft Auto V cheat service gets hacked, exposing thousands of gamers
Hackers stole usernames, hashed passwords, and other data from a service that allowed players to cheat in Grand Theft Auto V. First seen on techcrunch.com Jump to article: techcrunch.com/2026/06/01/grand-theft-auto-v-cheat-service-gets-hacked-exposing-thousands-of-gamers/
-
Zero-Click pretalx XSS Flaw Lets Hackers Hijack Conference Organizer Accounts
pretalx XSS flaw lets attackers hijack conference organizer accounts, steal sessions, auto-accept talks, and demote admins. Patched in v2026.1.0. First seen on hackread.com Jump to article: hackread.com/zero-click-pretalx-xss-hackers-hijack-conference-accounts/
-
Zero-Click pretalx XSS Flaw Lets Hackers Hijack Conference Organizer Accounts
pretalx XSS flaw lets attackers hijack conference organizer accounts, steal sessions, auto-accept talks, and demote admins. Patched in v2026.1.0. First seen on hackread.com Jump to article: hackread.com/zero-click-pretalx-xss-hackers-hijack-conference-accounts/
-
Unknown hacker group targeted Russian maritime universities, diplomats for nearly two years
More than half of the attacks observed over the past year targeted educational institutions, particularly maritime universities and schools that train personnel for Russia’s shipping, inland waterway and fishing industries. First seen on therecord.media Jump to article: therecord.media/unknown-hacking-group-targeting-russia-for-nearly-two-years
-
Fake Purchase Order Emails Spread Fileless PureLogs Malware via RAR Archives
Hackers are using fake purchase order emails and process hollowing to deploy fileless PureLogs malware to steal Windows users’ browser, crypto, and Discord data. First seen on hackread.com Jump to article: hackread.com/purchase-emails-fileless-purelogs-malware-rar-archives/
-
Iranian Hackers Hijack AppDomainManager to Bypass EDR
Iran-linked hackers have upgraded their tradecraft by using AppDomainManager hijacking in .NET applications to turn off security telemetry before malicious code fully starts, making endpoint detection and response tools much harder to spot the attack. The campaign, attributed to the Iran-nexus group Screening Serpens, pairs this technique with DLL sideloading, fake job lures, and staged…
-
Mehr KI, mehr Probleme? Hacker George Hotz hält Agenten für einen teuren Fehler
First seen on t3n.de Jump to article: t3n.de/news/george-hotz-ki-probleme-1744019/
-
Hackers are exploiting Palo Alto GlobalProtect VPN authentication bypass (CVE-2026-0257)
Authentication bypass vulnerabilities (CVE-2026-0257) in Palo Alto Networks’ firewalls that the company disclosed on May 13 have been targeted in >>limited exploit … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/01/hackers-are-exploiting-palo-alto-globalprotect-vpn-authentication-bypass-cve-2026-0257/
-
Iran-Linked Hackers Wipe IT and Recovery Systems in Middle East Cyberattack
Iran-linked hackers have launched a destructive cyber campaign that wipes IT, backup, and recovery systems at multiple organizations in the Middle East and beyond, severely undermining victims’ ability to restore operations after an attack. Evidence ties the operation to the long-running Iranian threat group Black Shadow, believed to work on behalf of Iran’s Ministry of…
-
Hackers Target Signal Users to Steal Backups in New Attack Wave
Hackers are abusing Signal’s in”‘app messaging to trick users into giving up their backup recovery keys, allowing attackers to unlock years of supposedly private conversations in a new phishing wave. The campaign uses messages that appear to come from “Signal Support” and warn of imminent data loss. However, they are fraudulent and designed to steal…
-
WP Maps Pro bug exploited to create admin accounts on WordPress sites
Hackers are targeting WordPress websites running a vulnerable version of the WP Maps Pro plugin, which allows creating rogue administrator accounts without authentication. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/wp-maps-pro-bug-exploited-to-create-admin-accounts-on-wordpress-sites/
-
WP Maps Pro bug exploited to create admin accounts on WordPress sites
Hackers are targeting WordPress websites running a vulnerable version of the WP Maps Pro plugin, which allows creating rogue administrator accounts without authentication. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/wp-maps-pro-bug-exploited-to-create-admin-accounts-on-wordpress-sites/
-
Hacker-Gruppe ShinyHunters kapert Daten bei globalem Kreuzfahrtanbieter
Tags: hackerFirst seen on datensicherheit.de Jump to article: www.datensicherheit.de/hacker-gruppe-shinyhunters-kaperung-daten-global-kreuzfahrtanbieter
-
Palo Alto GlobalProtect VPN auth bypass flaw now exploited in attacks
Palo Alto Networks is warning that hackers are now exploiting a PAN-OS GlobalProtect authentication bypass flaw, tracked as CVE-2026-0257, in attacks attempting to breach corporate networks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/palo-alto-globalprotect-vpn-auth-bypass-flaw-now-exploited-in-attacks/
-
KnowledgeDeliver flaw exploited as a zero-day to install web shells
Hackers exploited a critical zero-day vulnerability in a server running the KnowledgeDeliver learning management system (LMS) to deploy the Godzilla web shell. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/knowledgedeliver-flaw-exploited-as-a-zero-day-to-install-web-shells/
-
The Hackers Behind Shai-Hulud: Lucky or Skilled?
TeamPCP, the hackers behind the Shai-Hulud worm, has done significant damage to the open source ecosystem. But it’s not necessarily due to skill alone. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/shai-hulud-hackers-teampcp-lucky-skilled
-
Iranian government, not hacktivist group, breached LA Metro system, security firm says
A report by Israel-based Gambit Security dismisses the hackers’ claims of being patriotic but unaffiliated activists. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/iranian-government-not-hacktivist-group-breached-la-metro-system-securit/821112/
-
Ghost hackers: the cybersecurity mystery that nobody has solved
A shadowy group that stole and dumped the NSA’s most powerful hacking tools still has implications for how companies think about digital risk today. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/26/ghost-hackers-the-cybersecurity-mystery-that-nobody-has-solved/
-
Ghost hackers: the cybersecurity mystery that nobody has solved
A shadowy group that stole and dumped the NSA’s most powerful hacking tools still has implications for how companies think about digital risk today. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/26/ghost-hackers-the-cybersecurity-mystery-that-nobody-has-solved/
-
Ghost hackers: the cybersecurity mystery that nobody has solved
A shadowy group that stole and dumped the NSA’s most powerful hacking tools still has implications for how companies think about digital risk today. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/26/ghost-hackers-the-cybersecurity-mystery-that-nobody-has-solved/
-
FBI warns about PhaaS platform used to access Microsoft 365 environments
Device code phishing enabled hackers to bypass multifactor authentication without credentials. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/fbi-warns-phishing-platform-microsoft-365/821105/
-
Iranian hackers blamed for breach of Los Angeles transit system that took weeks to recover
An Israeli cybersecurity firm said Iran’s government is behind Ababil of Minab, a fake hacktivist persona that has claimed a series of data breaches after the start of the war in Iran. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/26/iranian-hackers-blamed-for-breach-of-los-angeles-transit-system-that-took-weeks-to-recover/
-
[THN Webinar] New AI DDoS Attacks Are Smarter. Learn How to Fight Back
Every single day, hackers are finding new ways to crash websites and steal data.But right now, something has changed. Hackers are no longer working alone. They are now using powerful Artificial Intelligence (AI) tools to make their attacks faster, stronger, and much harder to stop.According to recent updates from The Hacker News, bad actors are…
-
New AI DDoS Attacks Are Smarter. Learn How to Fight Back in This Webinar
Every single day, hackers are finding new ways to crash websites and steal data.But right now, something has changed. Hackers are no longer working alone. They are now using powerful Artificial Intelligence (AI) tools to make their attacks faster, stronger, and much harder to stop.According to recent updates from The Hacker News, bad actors are…
-
Malware Found in Laravel-Lang Composer Packages After Git Tag Poisoning Attack
Attackers have poisoned four Laravel-Lang Composer packages by rewriting hundreds of Git tags, putting many Laravel apps at risk. Hackers compromised four popular Laravel-Lang Composer packages and injected malware by rewriting more than 700 Git tags tied to historical versions. Laravel-Lang is a community-driven project that provides translation and localization files for Laravel applications. The…