Tag: hacking
-
Russian hackers breached Polish power grid thanks to bad security, report says
The Polish government accused a Russian government hacking group of hacking into energy facilities taking advantage of default usernames and passwords. First seen on techcrunch.com Jump to article: techcrunch.com/2026/01/30/russian-hackers-breached-polish-power-grid-thanks-to-bad-security-report-says/
-
Labyrinth Chollima Evolves into Three North Korean Hacking Groups
CrowdStrike assessed that two new threat actor groups have spun off from North Korean Labyrinth Chollima hackers. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/labyrinth-chollima-dprk-three/
-
TAMECAT PowerShell Backdoor Targets Edge and Chrome: Login Credentials At Risk
Tags: backdoor, browser, chrome, credentials, cyber, defense, espionage, government, hacking, iran, login, microsoft, powershell, risk
TAMECAT is a sophisticated PowerShell-based backdoor linked to APT42, an Iranian state-sponsored hacking group. It steals login credentials from Microsoft Edge and Chrome browsers while evading detection. Security researchers from Israel’s National Digital Agency detailed its modular design in recent SpearSpecter campaign analysis. APT42 deploys TAMECAT in long-term espionage operations against senior defense and government…
-
Chinese APTs Hacking Asian Orgs With High-End Malware
Advanced persistent threat (APT) groups have deployed new cyber weapons against a variety of targets, highlighting the increasing threats to the region. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/chinese-apts-asian-orgs-high-end-malware
-
Hacking attack leaves Russian car owners locked out of their vehicles
Imagine the scene. It’s a cold Monday morning in Moscow. You walk out to your car, coffee in hand, ready to face the day. You press the button to unlock your car, and … nothing happens. You try again. Still nothing. The alarm starts blaring. You can’t turn it off. First seen on fortra.com Jump…
-
Ambulance Billing Firm Pays $515K Fine to 2 States in Hack
Comstar Paid Feds $75K Last Year to Settle HIPAA Allegations in Same 2022 Breach. An ambulance billing and collections firm has agreed to pay $515,000 to Massachusetts and Connecticut regulators and implement a prescriptive information security program in the aftermath of a 2022 hacking incident affecting the sensitive information of nearly 350,000 residents in those…
-
I’m a tech-savvy zillennial who knows how to safeguard against hacking. Scammers still managed to get me | Caitlin Cassidy
Had I received any suspicious text messages claiming to be from my bank, the fraud team asked. Had I clicked on the links? My stomach dropped. The scariest part about getting scammed was not realising it was happening in the first place. Perhaps naively,…
-
Idis Surveillance Management Software Vulnerable to Hacking
Web-Based Client on Local Host Didn’t Sanitize Inputs. Video camera surveillance management software made by South Korean manufacturer Idis is susceptible to a one-click attack giving hackers the power to execute arbitrary code. The vulnerability allows an attacker to escalate beyond the browser sandbox and achieve code execution on the host. First seen on govinfosecurity.com…
-
FBI seizes RAMP cybercrime forum used by ransomware gangs
The FBI has seized the notorious RAMP cybercrime forum, a platform used to advertise a wide range of malware and hacking services, and one of the few remaining forums that openly allowed the promotion of ransomware operations. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fbi-seizes-ramp-cybercrime-forum-used-by-ransomware-gangs/
-
Russian ELECTRUM Tied to December 2025 Cyber Attack on Polish Power Grid
The “coordinated” cyber attack targeting multiple sites across the Polish power grid has been attributed with medium confidence to a Russian state-sponsored hacking crew known as ELECTRUM. Operational technology (OT) cybersecurity company Dragos, in a new intelligence brief published Tuesday, described the late December 2025 activity as the first major cyber attack targeting distributed energy First…
-
Wave of ShinyHunters vishing attacks spreading fast
The ShinyHunters hacking collective that caused chaos in 2025 is ramping up a new voice phishing campaign, with several potential victims already identified. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366637762/Wave-of-ShinyHunters-vishing-attacks-spreading-fast
-
Study: Future IT Workers Would Sell Patient Data
Nearly 60% of Tech Students Said They’d Violate HIPAA If the Price Was Right. Budding IT insiders can be corrupted into giving up protected health information of a very famous patient, say State University of New York at Buffalo researchers who also found a correlation between an interest in white hat hacking and illegal breaches.…
-
Russian state hackers likely behind wiper malware attack on Poland’s power grid
A major cyberattack that nearly cut electricity to half-a-million people in Poland last year was reportedly carried out by the Russia-linked hacking group Sandworm, which likely attempted to knock out systems using wiper malware. First seen on therecord.media Jump to article: therecord.media/russia-eset-sandworm-poland-hack
-
Industry, government, nonprofits weigh voluntary rules for commercial hacking tools
The weekend discussion about the next step of the Pall Mall Process revealed some of the topics rules-writers will have to weigh. First seen on cyberscoop.com Jump to article: cyberscoop.com/industry-government-nonprofits-weigh-voluntary-rules-for-commercial-hacking-tools/
-
Lazarus Hackers Target European Drone Manufacturers in Active Campaign
The North Korean state-sponsored Lazarus hacking group has launched a sophisticated cyberespionage campaign targeting European defense contractors involved in uncrewed aerial vehicle (UAV) manufacturing. The attacks appear directly linked to North Korea’s efforts to accelerate its domestic drone production capabilities through industrial espionage. The targeted organizations include a metal engineering firm, an aircraft component manufacturer,…
-
Sandworm hackers linked to failed wiper attack on Poland’s energy systems
A cyberattack targeting Poland’s power grid in late December 2025 has been linked to the Russian state-sponsored hacking group Sandworm, which attempted to deploy a new destructive data-wiping malware dubbed DynoWiper during the attack. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/sandworm-hackers-linked-to-failed-wiper-attack-on-polands-energy-systems/
-
New DynoWiper Malware Used in Attempted Sandworm Attack on Polish Power Sector
The Russian nation-state hacking group known as Sandworm has been attributed to what has been described as the “largest cyber attack” targeting Poland’s power system in the last week of December 2025. The attack was unsuccessful, the country’s energy minister, Milosz Motyka, said last week. “The command of the cyberspace forces has diagnosed in the last days…
-
Researchers say Russian government hackers were behind attempted Poland power outage
Security researchers have attributed the attempted use of destructive “wiper” malware across Poland’s energy infrastructure in late December to a Russian-backed hacking group known for causing power outages in neighboring Ukraine. First seen on techcrunch.com Jump to article: techcrunch.com/2026/01/23/researchers-say-russian-government-hackers-were-behind-attempted-poland-power-outage/
-
76 Zero-Day Vulnerabilities Exposed at Pwn2Own Automotive 2026 by Hackers
The final day of Pwn2Own Automotive 2026 brought the world’s elite security researchers to the finish line with a spectacular display of hacking prowess. Over three intense days of competition, researchers successfully identified and exploited 76 unique zero-day vulnerabilities across automotive systems, claiming a combined prize pool of $1,047,000 USD. The competition crowned Tobias Scharnowski,…
-
DPRK Actors Deploy VS Code Tunnels for Remote Hacking
A spear-phishing campaign tied to the Democratic People’s Republic of Korea (DPRK) uses trusted Microsoft infrastructure to avoid detection. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/dprk-vs-code-tunnels-remote-hacking
-
Jordan used Cellebrite phone-hacking tools against activists critical of Gaza war, report finds
The findings, published by Citizen Lab Thursday, are based on the research institute’s digital forensic analysis of seized phones in four cases and Jordanian court records in three cases. First seen on therecord.media Jump to article: therecord.media/jordan-used-cellebrite-against-activists-critical-gaza-war
-
Pro-Russian denial-of-service attacks target UK, NCSC warns
The UK’s National Cyber Security Centre (NCSC) has issued a warning about the threat posed by distributed denial-of-service (DDoS) attacks from Russia-linked hacking groups who are reported to be continuing to target British organisations. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/pro-russian-denial-of-service-attacks-target-uk-ncsc-warns
-
Critical TP-Link VIGI camera flaw allowed remote takeover of surveillance systems
TP-Link fixed a critical flaw that exposed over 32 VIGI C and VIGI InSight camera models to remote hacking, with over 2,500 internet-exposed devices identified. TP-Link fixed a high-severity flaw, tracked as CVE-2026-0629 (CVSS score 8.7), affecting over 32 VIGI C and VIGI InSight camera models. The vulnerability lets attackers on a local network bypass…

