Tag: hacking
-
Novel malware from Russia’s APT28 prompts LLMs to create malicious Windows commands
Tags: ai, api, attack, computer, control, cyber, cyberattack, cybercrime, data, detection, dos, exploit, government, group, hacking, infrastructure, intelligence, LLM, malicious, malware, military, network, phishing, programming, russia, service, tool, ukraine, vulnerability, windows
.pif (MS-DOS executable) extension, though variants with .exe and .py extensions have also been observed. CERT-UA attributes these attacks to a group it tracks as UAC-0001, but which is better known in the security community as APT28. Western intelligence agencies have officially associated this group with Unit 26165, or the 85th Main Special Service Center (GTsSS)…
-
Texas Drug, Alcohol Testing Firm Hack Affects Nearly 750,000
Cybercrime Group Bian Lian Claimed Responsibility for Attack Last Year. A Texas-based firm that conducts workplace drug and alcohol testing for private employers and for compliance with state and federal agencies, including the Department of Transportation, disclosed to regulators that a July 2024 hacking incident affected nearly 750,000 people. First seen on govinfosecurity.com Jump to…
-
China’s Massistant Tool Secretly Extracts SMS, GPS Data, and Images From Confiscated Phones
Cybersecurity researchers have shed light on a mobile forensics tool called Massistant that’s used by law enforcement authorities in China to gather information from seized mobile devices. The hacking tool, believed to be a successor of MFSocket, is developed by a Chinese company named SDIC Intelligence Xiamen Information Co., Ltd., which was formerly known as Meiya…
-
Broadcom patches critical VMware flaws exploited at Pwn2Own Berlin 2025
VMware patched flaws disclosed during the Pwn2Own Berlin 2025 hacking contest, where researchers earned $340,000 for exploiting them. Broadcom patched four vulnerabilities in VMware products demonstrated at Pwn2Own Berlin 2025. White hat hackers earned over $340,000 for VMware exploits, including $150,000 awarded to STARLabs SG for using an integer overflow flaw to compromise VMware ESXi. Below…
-
VMware fixes four ESXi zero-day bugs exploited at Pwn2Own Berlin
VMware fixed four vulnerabilities in VMware ESXi, Workstation, Fusion, and Tools that were exploited as zero-days during the Pwn2Own Berlin 2025 hacking contest in May 2025. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/vmware-fixes-four-esxi-zero-day-bugs-exploited-at-pwn2own-berlin/
-
Dermatology, Imaging Hacks Expose 3.3 Million Patients’ PHI
Incidents Rank Among the Top Five Health Data Breaches in 2025 – So Far. A Maryland dermatology practice and a Virginia radiology organization have each reported to regulators separate hacking incidents that in total affected the information of more than 3.3 million patients. The incidents rank among the five largest health data breaches reported in…
-
Breach Roundup: Fashion House Louis Vuitton Confirms Breach
Also: CISA Warns of Unpatched Train Brake Vulnerability. This week: Louis Vuitton and Co-op confirm breaches, unpatched train brake flaw, Barclays fined £42M for financial crime failures, secret U.K. program relocated thousands of Afghans, ex-soldier pleads guilty to hacking, Ukrainian hackers claim hit on Russian drone supplier. First seen on govinfosecurity.com Jump to article:…
-
Armenian, Ukrainian nationals among Ryuk ransomware actors facing US hacking charges
Armenian national Karen Serobovich Vardanyan, 33, was extradited from Ukraine last month and now faces up to five years in prison for his role in Ryuk, prosecutors said on Wednesday. First seen on therecord.media Jump to article: therecord.media/ryuk-ransomware-actors-legal-action
-
Chinese hackers breached National Guard to steal network configurations
The Chinese state-sponsored hacking group known as Salt Typhoon breached and remained undetected in a U.S. Army National Guard network for nine months in 2024, stealing network configuration files and administrator credentials that could be used to compromise other government networks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/chinese-hackers-breached-national-guard-to-steal-network-configurations/
-
U.S. Army soldier pleads guilty to extorting 10 tech, telecom firms
A 21-year-old former U.S. Army soldier pleaded guilty to charges of hacking and extorting at least ten telecommunications and technology companies in the country. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/us-army-soldier-pleads-guilty-to-extorting-10-tech-telecom-firms/
-
Operation Eastwood disrupted operations of pro-Russian hacker group NoName057(16)
International law enforcement operation disrupted the activities of the pro-Russia hacking group NoName057(16). European and U.S. authorities disrupted the activities of the pro-Russian hacktivist group NoName057(16) in Operation Eastwood. “Between 14 and 17 July, a joint international operation, known as Eastwood and coordinated by Europol and Eurojust, targeted the cybercrime network NoName057(16). Law enforcement and…
-
Hackers Use Backdoor to Steal Data From SonicWall Appliance
Tags: backdoor, breach, credentials, cybercrime, data, google, group, hacker, hacking, intelligence, ransomware, threat
Hacking Group UNC6148 Steals Credentials With New OVERSTEP Rootkit, Google Says. A cybercrime group used a backdoor in a fully patched SonicWall appliance to steal credentials and may have sold the stolen data to ransomware groups as part of an ongoing campaign, Google Threat Intelligence Group found. The firm attributed the campaign to a cybercrime…
-
Ukraine-aligned hackers claim cyberattack on major Russian drone supplier
Ukraine’s military intelligence agency confirmed that it participated with two volunteer hacking groups in an operation against Gaskar Group, a Russian drone company. First seen on therecord.media Jump to article: therecord.media/ukraine-hackers-claim-attack-russia-gaskar-group-drone-maker
-
Salt Typhoon breach: Chinese APT compromises U.S. Army National Guard network
China-linked APT Salt Typhoon breached a U.S. Army National Guard unit’s network, accessed configs, and intercepted communications with other units. A DoD report warns that China-nexus hacking group Salt Typhoon breached a U.S. state’s Army National Guard network from March to December 2024. The APT stole network configs, admin credentials, and data exchanged with units…
-
Global crackdown hits pro-Russian cybercrime, 100+ systems taken down worldwide
In a major blow to pro-Russian cybercrime, authorities across Europe and the United States launched a sweeping international crackdown on the hacking group NoName057(16) … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/07/16/pro-russian-cybercrime-crackdown-noname05716/
-
Former US Army member confesses to Telecom hack and extortion conspiracy
A former US Army soldier pleaded guilty to hacking telecom databases, stealing data, and extorting companies by threatening to release the stolen info. A former Army soldier, Cameron John Wagenius (21) pleaded guilty to conspiring to hack telecom companies’ databases, steal sensitive records, and extort victims by threatening to release stolen data unless ransoms were…
-
Salt Typhoon hacked the US National Guard for 9 months, and accessed networks in every state
Tags: access, attack, best-practice, breach, credentials, cve, cyber, cybersecurity, data, defense, exploit, government, group, hacking, infrastructure, Internet, malicious, military, network, service, theft, threat, vulnerability
Sensitive military data stolen: The attackers gained access to highly sensitive military and infrastructure information during the nine-month intrusion. The memo stated that “in 2024, Salt Typhoon used its access to a US state’s Army National Guard network to exfiltrate administrator credentials, network traffic diagrams, a map of geographic locations throughout the state, and PII…
-
21-year-old former US soldier pleads guilty to hacking, extorting telecoms
Cameron John Wagenius faces up to 27 years in prison after pleading guilty to wire fraud, extortion and aggravated identity theft in data breaches involving major corporations. First seen on therecord.media Jump to article: therecord.media/cameron-john-wagenius-former-us-soldier-guilty-plea-hacking
-
Ex US Soldier Cameron Wagenius Guilty in Telecom Hacking and Extortion
Former US Army soldier Cameron Wagenius pleads guilty to hacking telecom companies and extorting $1 million+ using cybercrime forums like BreachForums and XSS. First seen on hackread.com Jump to article: hackread.com/us-soldier-cameron-wagenius-guilty-telecom-hacking-extortion/
-
Co-op Aims to Divert More Young Hackers into Cyber Careers
The Co-op is teaming up with The Hacking Games to inspire pathways into ethical cybersecurity careers. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/coop-divert-young-hackers-cyber/
-
Former U.S. Army Member Pleads Guilty in Telecom Hacking Case
A 21-year-old former U.S. Army soldier has pleaded guilty to participating in a sophisticated cybercrime operation that targeted telecommunications companies through hacking, data theft, and extortion schemes. Cameron John Wagenius, who was stationed in Texas during his military service, admitted to conspiring with others to breach protected computer networks and demand ransom payments from victim…
-
US Army soldier pleads guilty to hacking telcos and extortion
Cameron Wagenius had already pleaded guilty to other charges earlier this year. First seen on techcrunch.com Jump to article: techcrunch.com/2025/07/15/us-army-soldier-pleads-guilty-to-hacking-telcos-and-extortion/
-
Ex-US soldier who Googled ‘can hacking be treason’ pleads guilty to extortion
File this one under what not to search if you’ve committed a crime. First seen on theregister.com Jump to article: www.theregister.com/2025/07/15/solider_hacking_guilty/
-
NSA: Volt Typhoon was ‘not successful’ at persisting in critical infrastructure
“The good news” is that China’s Volt Typhoon hacking campaign “really failed,” an NSA official said at a cyber conference in New York. An FBI official also described an incident of “true cyberwarfare” with the Flax Typhoon group. First seen on therecord.media Jump to article: therecord.media/china-typhoon-hackers-nsa-fbi-response
-
Trump administration to spend $1 billion on ‘offensive’ hacking operations
A top Democrat criticized the move to spend a billion on offensive hacking operations as the budget guts a billion from U.S. cyber defense. First seen on techcrunch.com Jump to article: techcrunch.com/2025/07/14/trump-administration-to-spend-1-billion-on-offensive-hacking-operations/
-
PerfektBlue Bug Chain Exposes Cars to Bluetooth Hacking
Bluetooth Flaws in Car Software Could Enable Hijacking of Infotainment Systems. A set of critical Bluetooth flaws in software that helps cars connect to phones and other devices could enable attackers to remotely take control of car infotainment systems used by major automakers including Mercedes-Benz, Skoda and Volkswagen, new research shows. First seen on govinfosecurity.com…
-
Experts uncover critical flaws in Kigen eSIM technology affecting billions
Experts devised a new hack targeting Kigen eSIM tech, used in over 2B devices, exposing smartphones and IoT users to serious security risks. Researchers at Security Explorations uncovered a new hacking method exploiting flaws in Kigen’s eSIM tech, affecting billions of IoT devices. An eSIM (embedded SIM) is a digital version of a traditional SIM…
-
Putting AI-assisted ‘vibe hacking’ to the test
Tags: access, ai, attack, chatgpt, cyber, cybercrime, cybersecurity, data-breach, defense, exploit, hacking, least-privilege, LLM, network, open-source, strategy, threat, tool, vulnerability, zero-trust
Underwhelming results: For each LLM test, the researchers repeated each task prompt five times to account for variability in responses. For exploit development tasks, models that failed the first task were not allowed to progress to the second, more complex one. The team tested 16 open-source models from Hugging Face that claimed to have been…
-
Threat Actors Use Sophisticated Hacking Tools to Destroy Organizations’ Critical Infrastructure
Threat actors, ranging from state-sponsored organizations to non-state actors, are using sophisticated cyber weapons to breach and destroy vital infrastructure in a time when digital and physical security are becoming more intertwined. These tools, often manifesting as malware agents like worms, viruses, and advanced persistent threats (APTs), exploit vulnerabilities in supervisory control and data acquisition…
-
eSIM Vulnerability in Kigen’s eUICC Cards Exposes Billions of IoT Devices to Malicious Attacks
Cybersecurity researchers have discovered a new hacking technique that exploits weaknesses in the eSIM technology used in modern smartphones, exposing users to severe risks. The issues impact the Kigen eUICC card. According to the Irish company’s website, more than two billion SIMs in IoT devices have been enabled as of December 2020. The findings come from Security…

