Tag: hacking
-
Chinese Silk Typhoon Hackers File Over 10 Patents for Advanced Intrusive Hacking Tools
A SentinelLABS investigation has revealed that businesses linked to the Chinese advanced persistent threat (APT) group Hafnium, also known as Silk Typhoon, have submitted more than ten patents for highly intrusive forensics and data exfiltration methods. These patents, registered by firms named in recent U.S. Department of Justice (DOJ) indictments, detail offensive capabilities, including encrypted…
-
Patents by Silk Typhoon-linked company shed light on Beijing’s offensive hacking capabilities
Researchers have discovered more than 10 patents for powerful offensive cybersecurity technologies filed by a prominent Chinese company allegedly involved in Beijing’s Silk Typhoon campaign. First seen on therecord.media Jump to article: therecord.media/patents-silk-typhoon-company-beijing
-
Hackers plant 4G Raspberry Pi on bank network in failed ATM heist
The UNC2891 hacking group, also known as LightBasin, used a 4G-equipped Raspberry Pi hidden in a bank’s network to bypass security defenses in a newly discovered attack. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-plant-4g-raspberry-pi-on-bank-network-in-failed-atm-heist/
-
Chinese Firms Linked to Silk Typhoon Filed 15+ Patents for Cyber Espionage Tools
Chinese companies linked to the state-sponsored hacking group known as Silk Typhoon (aka Hafnium) have been identified as behind over a dozen technology patents, shedding light on the shadowy cyber contracting ecosystem and its offensive capabilities. The patents cover forensics and intrusion tools that enable encrypted endpoint data collection, Apple device forensics, and remote access to…
-
Oracle/Cerner EHR Hack: Breach Reports Still Trickling In
At Least 410,000 Patients Reported Affected, But Likely Even More Victims. Months after news first broke that a hacking incident compromised legacy patient data hosted by Cerner electronic health record servers that were set to migrate to parent company Oracle’s cloud environment, data breach reports related to the hack are still slowly trickling in to…
-
Aeroflot Hit by Year-Long Cyber Operation That Allegedly Wiped 7,000 Servers
Russia’s flagship carrier Aeroflot is reeling from a devastating cyberattack that pro-Ukraine hacking groups claim wiped approximately 7,000 servers and stole over 20 terabytes of sensitive data during a year-long clandestine operation. The airline was forced to cancel dozens of flights Monday morning, leaving passengers stranded at Moscow’s Sheremetyevo Airport amid what officials described as…
-
Tea app leak worsens with second database exposing user chats
The Tea app data breach has grown into an even larger leak, with the stolen data now shared on hacking forums and a second database discovered that allegedly contains 1.1 million private messages exchanged between the app’s members. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/tea-app-leak-worsens-with-second-database-exposing-user-chats/
-
Russia’s Flag Carrier Cancels Flights After Hack Attack
Aeroflot Hit With Wiper Malware, Claim Pro-Ukrainian Hackers From Belarus. Russia’s largest airline, Aeroflot, canceled dozens of flights on Monday and delayed more due to an IT disruption. Two pro-Ukrainian hacking groups from Belarus claimed to have wiped stolen extensive customer data before wiping 7,000 physical and virtual servers used by the airline. First seen…
-
France’s warship builder Naval Group investigates 1TB data breach
France’s state-owned defense firm Naval Group is investigating a cyberattack after 1TB of allegedly stolen data was leaked on a hacking forum. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/frances-warship-builder-naval-group-investigates-1tb-data-breach/
-
Russian Airline Aeroflot Hit by Cyberattack, Hackers Threaten to Leak Passenger Data
Russian airline Aeroflot faced a disruption today (July 28) after cancelling dozens of flights due to what it described as a failure in its information systems. Adding to the concern, a hacking collective known as Silent Crow claimed responsibility for the Aeroflot cyberattack, alleging a yearlong infiltration that severely damaged the airline’s IT infrastructure. First…
-
10 Best Ethical Hacking Service Providers in 2025
In 2025, the demand for sophisticated ethical hacking services has intensified, driven by the rapid evolution of digital infrastructure and increasingly cunning cyber adversaries. Organizations are moving beyond periodic checks towards continuous security validation, seeking partners who offer deep technical expertise, innovative delivery models, and a proactive stance against emerging threats. Ethical hacking, encompassing everything…
-
UNC3944 Ransomware Attacks Target U.S. Infrastructure via VMware Exploits
Tags: attack, cybercrime, cybersecurity, exploit, google, group, hacking, infrastructure, intelligence, ransomware, threat, vmware
A financially driven cybercrime group known as UNC3944 has launched a coordinated and highly targeted hacking campaign that ends with ransomware against major U.S. industries, according to a joint report by Google’s Threat Intelligence Group (GTIG) and cybersecurity firm Mandiant… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/unc3944-ransomware-attacks-vmware-exploits/
-
Leak Zone Dark Web Forum Breach Exposes 22 Million User IPs and Locations
A significant data breach has exposed sensitive information about users of Leakzone, a prominent dark web forum known for trading hacking tools and compromised accounts. Security firm UpGuard discovered an unprotected Elasticsearch database containing approximately 22 million web request records, revealing user IP addresses, geographical locations, and internet service provider details from visitors to the…
-
The legal minefield of hacking back
In this Help Net Security interview, Gonçalo Magalhães, Head of Security at Immunefi, discusses the legal and ethical implications of hacking back in cross-border cyber … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/07/28/goncalo-magalhaes-immunefi-hacking-back-concerns/
-
Scattered Spider is running a VMware ESXi hacking spree
Scattered Spider hackers have been aggressively targeting virtualized environments by attacking VMware ESXi hypervisors at U.S. companies in the retail, airline, transportation, and insurance sectors. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/scattered-spider-is-running-a-vmware-esxi-hacking-spree/
-
Scattered Spider Exploiting VMware vSphere
Hacking Tactics Linked to Retail, Airline Compromises. The loosely connected band of adolescent cybercriminals tracked as Scattered Spider has joined the VMware hypervisor hacking bandwagon, pivoting into virtual servers through corporate instances of Active Directory. vSphere integration with Active Directory adds yet another layer of insecurity. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/scattered-spider-exploiting-vmware-vsphere-a-29059
-
Critical Infrastructure Leaders: Threat Level Remains High
OT Experts Advocate for Collaboration and Adversary-Hostile National Defenses. OT environments have long been bereft of their traditional shelter from cyberattacks made from hacker ignorance or disinterest. Industrial environments are forefronts for nation-state hacking, the risk heightened by global tensions and the convergence of operational technology with IT counterparts. First seen on govinfosecurity.com Jump to…
-
Microsoft Put Older Versions of SharePoint on Life Support. Hackers Are Taking Advantage
Multiple hacking groups, including state actors from China, have targeted a vulnerability in older, on-premises versions of the file-sharing tool after a flawed attempt to patch it. First seen on wired.com Jump to article: www.wired.com/story/microsoft-sharepoint-hack-china-end-of-life-updates/
-
SharePoint hacking campaign affects hundreds of systems worldwide
CISA is responding to potential compromises at federal agencies and various state and local entities. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/sharepoint-hacking-campaign-affects-hundreds-of-systems-worldwide/753836/
-
Google, Microsoft say Chinese hackers are exploiting SharePoint zero-day
The tech giants have evidence that Chinese hackers are exploiting the new bug, but warned “multiple actors” are also hacking into affected SharePoint systems. First seen on techcrunch.com Jump to article: techcrunch.com/2025/07/22/google-microsoft-say-chinese-hackers-are-exploiting-sharepoint-zero-day/
-
Microsoft confirms China link to SharePoint hacks
Microsoft confirms two known China-nexus threat actors, and one other suspected state-backed hacking group, are exploiting vulnerabilities in SharePoint Server. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366628014/Microsoft-confirms-China-link-to-SharePoint-hacks
-
Ukraine arrests suspected admin of XSS Russian hacking forum
The suspected administrator of the Russian-speaking hacking forum XSS.is was arrested by the Ukrainian authorities yesterday at the request of the Paris public prosecutor’s office. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ukraine-arrests-suspected-admin-of-xss-russian-hacking-forum/
-
US Nuclear Weapons Data Compromised via SharePoint Zero-Day Attack
Tags: attack, breach, china, cyber, cybersecurity, data, data-breach, exploit, government, group, hacker, hacking, infrastructure, microsoft, vulnerability, zero-day
A significant cybersecurity breach has exposed vulnerabilities in critical US government infrastructure, as the National Nuclear Security Administration (NNSA) was reportedly compromised through a Microsoft SharePoint zero-day exploit linked to Chinese government-affiliated hacking groups. Chinese Hackers Target Critical Infrastructure. The breach came to light hours after Microsoft disclosed that Chinese government-affiliated hacking groups had been…
-
Microsoft Links Ongoing SharePoint Exploits to Three Chinese Hacker Groups
Microsoft has formally tied the exploitation of security flaws in internet-facing SharePoint Server instances to two Chinese hacking groups called Linen Typhoon and Violet Typhoon as early as July 7, 2025, corroborating earlier reports. The tech giant said it also observed a third China-based threat actor, which it tracks as Storm-2603, weaponizing the flaws as well…
-
Credential Theft and Remote Access Surge as AllaKore, PureRAT, and Hijack Loader Proliferate
Mexican organizations are still being targeted by threat actors to deliver a modified version of AllaKore RAT and SystemBC as part of a long-running campaign. The activity has been attributed by Arctic Wolf Labs to a financially motivated hacking group called Greedy Sponge. It’s believed to be active since early 2021, indiscriminately targeting a wide…
-
UK blames Russia’s infamous ‘Fancy Bear’ group for Microsoft cloud hacks
The Authentic Antics malware tool used to target Microsoft cloud accounts was the handiwork of the notorious Russian Fancy Bear hacking group, the UK’s National Cyber Security Centre (NCSC) has said. Authentic Antics was discovered after a cyberattack in 2023 which prompted an NCSC technical teardown of the malware that it published in May this year. The agency…
-
Europol targets Kremlin-backed cybercrime gang NoName057(16)
The hacking group NoName057(16) has been operating since 2022, launching cyber attacks on government organisations, media bodies, critical infrastructure, and private companies in Ukraine, America, Canada, and across Europe in a seeming attempt to silence voices that the group considers anti-Russian. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/europol-targets-kremlin-backed-cybercrime-gang-noname057-16
-
Singapore warns China-linked group UNC3886 targets its critical infrastructure
Singapore says China-linked group UNC3886 targeted its critical infrastructure by hacking routers and security devices. Singapore accused China-linked APT group UNC3886 of targeting its critical infrastructure. UNC3886 is a sophisticated China-linked cyber espionage group that targets network devices and virtualization technologies using zero-day exploits. Its primary focus is on defense, technology, and telecommunications sectors in…
-
These are our favorite cyber books on hacking, espionage, crypto, surveillance, and more
These are our favorite cybersecurity books, both by fiction authors, as well as journalists and researchers. First seen on techcrunch.com Jump to article: techcrunch.com/2025/07/19/these-are-our-favorite-cyber-books-on-hacking-espionage-crypto-surveillance-and-more/
-
Novel malware from Russia’s APT28 prompts LLMs to create malicious Windows commands
Tags: ai, api, attack, computer, control, cyber, cyberattack, cybercrime, data, detection, dos, exploit, government, group, hacking, infrastructure, intelligence, LLM, malicious, malware, military, network, phishing, programming, russia, service, tool, ukraine, vulnerability, windows
.pif (MS-DOS executable) extension, though variants with .exe and .py extensions have also been observed. CERT-UA attributes these attacks to a group it tracks as UAC-0001, but which is better known in the security community as APT28. Western intelligence agencies have officially associated this group with Unit 26165, or the 85th Main Special Service Center (GTsSS)…

