Tag: hacking
-
Confucius Hackers Target Government and Military Entities Using WooperStealer Malware
The notorious Confucius hacking organization, first exposed by foreign security vendors in 2016, continues to pose a significant threat to government and military entities across South and East Asia. With attack activities dating back to 2013, this group has recently escalated its operations, targeting critical domestic units and industries with advanced tactics. Unveiling a Sophisticated…
-
Review: Redefining Hacking
Redefining Hacking takes a look at how red teaming and bug bounty hunting are changing, especially now that AI is becoming a bigger part of the job. About the authors Omar … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/23/review-redefining-hacking/
-
Israel Says Iran Is Hacking Security Cameras for Spying
Plus: Ukrainian hackers reportedly knock out a key Russian internet provider, China’s Salt Typhoon hackers claim another victim, and the UK hits 23andMe with a hefty fine over its 2023 data breach. First seen on wired.com Jump to article: www.wired.com/story/israel-says-iran-is-hack-security-cameras-for-spying/
-
Beware the CyberAv3ngers
Iranian OT Hacking Team Has Gone Quiet … Too Quiet. Armed exchanges between Iran and Israel and the prospect of U.S. armed intervention against Tehran has cyber defenders warning about hacking risks to critical infrastructure. Iran’s CyberAv3ngers doesn’t possess the sophistication of Chinese or Russian actors but it’s still a persistent threat. First seen on…
-
BitoPro exchange links Lazarus hackers to $11 million crypto heist
The Taiwanese cryptocurrency exchange BitoPro claims the North Korean hacking group Lazarus is behind a cyberattack that led to the theft of $11,000,000 worth of cryptocurrency on May 8, 2025. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/bitopro-exchange-links-lazarus-hackers-to-11-million-crypto-heist/
-
200+ Trojanized GitHub Repositories Found in Campaign Targeting Gamers and Developers
Cybersecurity researchers have uncovered a new campaign in which the threat actors have published more than 67 GitHub repositories that claim to offer Python-based hacking tools, but deliver trojanized payloads instead. The activity, codenamed Banana Squad by ReversingLabs, is assessed to be a continuation of a rogue Python campaign that was identified in 2023 as targeting…
-
67 Trojanized GitHub Repositories Found in Campaign Targeting Gamers and Developers
Cybersecurity researchers have uncovered a new campaign in which the threat actors have published more than 67 GitHub repositories that claim to offer Python-based hacking tools, but deliver trojanized payloads instead. The activity, codenamed Banana Squad by ReversingLabs, is assessed to be a continuation of a rogue Python campaign that was identified in 2023 as targeting…
-
Breach Roundup: Chinese Hackers ‘Salt Typhoon’ Hit Viasat
Also, Researchers Exploit Tesla Wall Connector Via Charging Cable. This week: Chinese Salt Typhoon hackers hit Viasat, researchers hacked a Tesla charger, Sitecore CMS flaws, Krispy Kreme disclosed hacking damage, Archetyp Market taken down. Episource disclosed a ransomware hack and Spain ruled out cyberattack for the April Iberian blackout. First seen on govinfosecurity.com Jump to…
-
Researchers say AI hacking tools sold online were powered by Grok, Mixtral
A pair of AI tools advertised on hacking forums were developed using commercial AI models from xAI and Mistral, according to Cato Networks. First seen on cyberscoop.com Jump to article: cyberscoop.com/uncensored-ai-tool-traced-to-mistral-xai-grok/
-
$5.48M Lawsuit Settlement Reached in Software Vendor Hack
Several Affected HealthEC Healthcare Clients Are Chipping in to Fund Settlement. A provider of artificial intelligence-enabled hospital cost-cutting software and several of its healthcare clients agreed to $5.48 million to settle proposed class action litigation involving a 2023 hacking incident affecting 4.6 million individuals. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/548m-lawsuit-settlement-reached-in-software-vendor-hack-a-28724
-
Scattered Spider Targeting American Insurance Firms
Hackers Posing as Help Desks and Call Centers to Target Victims, Google Warns. A hacking collective behind recent cyberattacks on major British retailers has pivoted to target U.S. insurance firms, warned Google. Scattered Spider, tracked as UNC3944 by Google, is a financially motivated threat group consisting largely of English-speaking adolescents. First seen on govinfosecurity.com Jump…
-
Handala hacking group asserts attacks against Israel
First seen on scworld.com Jump to article: www.scworld.com/brief/handala-hacking-group-asserts-attacks-against-israel
-
Pro-Israel Hacking Group Claims to Disrupt Iran’s Bank Sepah
Disruption of Country’s Biggest Bank Comes as Israel-Iran War Intensifies. A pro-Israel hacking group claims to have disrupted a major Iranian bank as hostilities between the two countries raged into their fifth day. Hacking group Gonjeshke said Tuesday morning it conducted cyberattacks which destroyed the data of the Islamic Revolutionary Guard Corps’ Bank Sepah. First…
-
Beware: Weaponized Research Papers Delivering Malware Through Password-Protected Documents
The AhnLab Security Intelligence Center (ASEC) recently made the concerning revelation that the infamous Kimsuky hacking organization was connected to a crafty phishing email campaign that targeted unwary people. Disguised as a seemingly legitimate request for a paper review from a professor, these emails lure recipients into opening a password-protected HWP document embedded with a…
-
Pro-Israel hackers claim breach of Iranian bank amid military escalation
A group tracked as Predatory Sparrow said it was responsible for hacking Bank Sepah as the conflict between Israel and Iran intensified. First seen on therecord.media Jump to article: therecord.media/pro-israel-hackers-claim-attack-on-iranian-bank
-
Remote hacking possible with patched critical Mitel MiCollab flaw
First seen on scworld.com Jump to article: www.scworld.com/brief/remote-hacking-possible-with-patched-critical-mitel-micollab-flaw
-
Kali Linux 2025.2 released with 13 new tools, car hacking updates
Kali Linux 2025.2, the second release of the year, is now available for download with 13 new tools and an expanded car hacking toolkit. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/kali-linux-20252-released-with-13-new-tools-car-hacking-updates/
-
Hackers Leak Data of 10,000 VirtualMacOSX Customers in Alleged Breach
Hackers leak data of 10,000 VirtualMacOSX customers in alleged breach, exposing names, emails, passwords, and financial details on a hacking forum. First seen on hackread.com Jump to article: hackread.com/hackers-leak-virtualmacosx-customers-data-breach/
-
Guardrails Breached: The New Reality of GenAI-Driven Attacks
From vibe hacking to malware development to deepfakes, bad actors are discovering more vulnerabilities to attack generative AI tools while also using AI to launch cyber attacks. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/06/guardrails-breached-the-new-reality-of-genai-driven-attacks/
-
2 Software Firms Report Major Health Data Theft Hacks
Ocuco and Episource Breaches Affect Health Sector Clients, Patients. An Ireland-based provider of eye care practice software and a California-based medical coding services firm have reported separate hacking incidents to U.S. and state regulators that have likely affected dozens of their clients and hundreds of thousands of people. First seen on govinfosecurity.com Jump to article:…
-
Dutch police identify users as young as 11-year-old on Cracked.io hacking forum
Dutch police have announced that they have identified 126 individuals linked to the now dismantled Cracked.io cybercrime forum. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/dutch-police-cracked-io-hacking-forum
-
Kali Linux 2025.2 Released: New Tools, Smartwatch and Car Hacking Added
Kali Linux, the preferred distribution for security professionals, has launched its second major release of 2025, Kali Linux 2025.2, in June. This update introduces a restructured Kali Menu, upgraded desktop environments, 13 new tools, and significant Kali NetHunter advancements, including smartwatch Wi-Fi injection and a car hacking toolset. Here’s a concise look at the key…
-
Hacking the Hackers: When Bad Guys Let Their Guard Down
A string of threat-actor OpSec failures have yielded unexpected windfalls for security researchers and defenders. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/hacking-hackers-bad-guys-guard-down
-
Breach Roundup: Critical RCE Flaw in Roundcube Servers
Also, M&S Back Online, Mexican Education Platform Breached, Patch Tuesday. This week, a Roundcube flaw, Mexican student data hacked and Dutch cops scare straight Cracked users. Man imprisoned for hacking tax preparers. M&S update. UNFI ships on a limited basis. U.K. financial regulator staffers used personal emails. Weak web panel security on GPS devices. Patch…
-
Hackers exploited Windows WebDav zero-day to drop malware
Tags: apt, attack, defense, exploit, government, group, hacker, hacking, malware, rce, remote-code-execution, vulnerability, windows, zero-day
An APT hacking group known as ‘Stealth Falcon’ exploited a Windows WebDav RCE vulnerability in zero-day attacks since March 2025 against defense and government organizations in Turkey, Qatar, Egypt, and Yemen. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/stealth-falcon-hackers-exploited-windows-webdav-zero-day-to-drop-malware/
-
CISA, Microsoft warn of Windows zero-day used in attack on ‘major’ Turkish defense org
Check Point attributed the attack to a group known as Stealth Falcon, a hacking group with longstanding ties to the UAE that has been implicated in dozens of spyware cases and hacking incidents involving governments across the Middle East and Africa. First seen on therecord.media Jump to article: therecord.media/microsoft-cisa-zero-day-turkish-defense-org
-
North Korean APT Hackers Target Users on Social Media to Spread Malware
The Genians Security Center (GSC) has uncovered a highly sophisticated Advanced Persistent Threat (APT) campaign orchestrated by the North Korean state-sponsored hacking group Kimsuky. Active between March and April 2025, this campaign, identified as part of the notorious ‘AppleSeed’ operation, targets individuals in South Korea through a multi-pronged approach using Facebook, email, and Telegram. Sophisticated…
-
AI fuels hacking attacks against corporate execs, poll finds
First seen on scworld.com Jump to article: www.scworld.com/brief/ai-fuels-hacking-attacks-against-corporate-execs-poll-finds

