Tag: hacking
-
The legal minefield of hacking back
In this Help Net Security interview, Gonçalo Magalhães, Head of Security at Immunefi, discusses the legal and ethical implications of hacking back in cross-border cyber … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/07/28/goncalo-magalhaes-immunefi-hacking-back-concerns/
-
Scattered Spider is running a VMware ESXi hacking spree
Scattered Spider hackers have been aggressively targeting virtualized environments by attacking VMware ESXi hypervisors at U.S. companies in the retail, airline, transportation, and insurance sectors. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/scattered-spider-is-running-a-vmware-esxi-hacking-spree/
-
Scattered Spider Exploiting VMware vSphere
Hacking Tactics Linked to Retail, Airline Compromises. The loosely connected band of adolescent cybercriminals tracked as Scattered Spider has joined the VMware hypervisor hacking bandwagon, pivoting into virtual servers through corporate instances of Active Directory. vSphere integration with Active Directory adds yet another layer of insecurity. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/scattered-spider-exploiting-vmware-vsphere-a-29059
-
Critical Infrastructure Leaders: Threat Level Remains High
OT Experts Advocate for Collaboration and Adversary-Hostile National Defenses. OT environments have long been bereft of their traditional shelter from cyberattacks made from hacker ignorance or disinterest. Industrial environments are forefronts for nation-state hacking, the risk heightened by global tensions and the convergence of operational technology with IT counterparts. First seen on govinfosecurity.com Jump to…
-
Microsoft Put Older Versions of SharePoint on Life Support. Hackers Are Taking Advantage
Multiple hacking groups, including state actors from China, have targeted a vulnerability in older, on-premises versions of the file-sharing tool after a flawed attempt to patch it. First seen on wired.com Jump to article: www.wired.com/story/microsoft-sharepoint-hack-china-end-of-life-updates/
-
SharePoint hacking campaign affects hundreds of systems worldwide
CISA is responding to potential compromises at federal agencies and various state and local entities. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/sharepoint-hacking-campaign-affects-hundreds-of-systems-worldwide/753836/
-
Google, Microsoft say Chinese hackers are exploiting SharePoint zero-day
The tech giants have evidence that Chinese hackers are exploiting the new bug, but warned “multiple actors” are also hacking into affected SharePoint systems. First seen on techcrunch.com Jump to article: techcrunch.com/2025/07/22/google-microsoft-say-chinese-hackers-are-exploiting-sharepoint-zero-day/
-
Microsoft confirms China link to SharePoint hacks
Microsoft confirms two known China-nexus threat actors, and one other suspected state-backed hacking group, are exploiting vulnerabilities in SharePoint Server. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366628014/Microsoft-confirms-China-link-to-SharePoint-hacks
-
Ukraine arrests suspected admin of XSS Russian hacking forum
The suspected administrator of the Russian-speaking hacking forum XSS.is was arrested by the Ukrainian authorities yesterday at the request of the Paris public prosecutor’s office. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ukraine-arrests-suspected-admin-of-xss-russian-hacking-forum/
-
US Nuclear Weapons Data Compromised via SharePoint Zero-Day Attack
Tags: attack, breach, china, cyber, cybersecurity, data, data-breach, exploit, government, group, hacker, hacking, infrastructure, microsoft, vulnerability, zero-day
A significant cybersecurity breach has exposed vulnerabilities in critical US government infrastructure, as the National Nuclear Security Administration (NNSA) was reportedly compromised through a Microsoft SharePoint zero-day exploit linked to Chinese government-affiliated hacking groups. Chinese Hackers Target Critical Infrastructure. The breach came to light hours after Microsoft disclosed that Chinese government-affiliated hacking groups had been…
-
Microsoft Links Ongoing SharePoint Exploits to Three Chinese Hacker Groups
Microsoft has formally tied the exploitation of security flaws in internet-facing SharePoint Server instances to two Chinese hacking groups called Linen Typhoon and Violet Typhoon as early as July 7, 2025, corroborating earlier reports. The tech giant said it also observed a third China-based threat actor, which it tracks as Storm-2603, weaponizing the flaws as well…
-
Credential Theft and Remote Access Surge as AllaKore, PureRAT, and Hijack Loader Proliferate
Mexican organizations are still being targeted by threat actors to deliver a modified version of AllaKore RAT and SystemBC as part of a long-running campaign. The activity has been attributed by Arctic Wolf Labs to a financially motivated hacking group called Greedy Sponge. It’s believed to be active since early 2021, indiscriminately targeting a wide…
-
UK blames Russia’s infamous ‘Fancy Bear’ group for Microsoft cloud hacks
Authentic Antics malware tool to target Microsoft cloud accounts were the handiwork of the notorious Russian Fancy Bear hacking group, the UK’s National Cyber Security Centre (NCSC) has said. Authentic Antics was discovered after a cyberattack in 2023 which prompted an NCSC technical teardown of the malware that it published in May this year. The agency…
-
Europol targets Kremlin-backed cybercrime gang NoName057(16)
The hacking group NoName057(16) has been operating since 2022, launching cyber attacks on government organisations, media bodies, critical infrastructure, and private companies in Ukraine, America, Canada, and across Europe in a seeming attempt to silence voices that the group considers anti-Russian. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/europol-targets-kremlin-backed-cybercrime-gang-noname057-16
-
Singapore warns China-linked group UNC3886 targets its critical infrastructure
Singapore says China-linked group UNC3886 targeted its critical infrastructure by hacking routers and security devices. Singapore accused China-linked APT group UNC3886 of targeting its critical infrastructure. UNC3886 is a sophisticated China-linked cyber espionage group that targets network devices and virtualization technologies using zero-day exploits. Its primary focus is on defense, technology, and telecommunications sectors in…
-
These are our favorite cyber books on hacking, espionage, crypto, surveillance, and more
These are our favorite cybersecurity books, both by fiction authors, as well as journalists and researchers. First seen on techcrunch.com Jump to article: techcrunch.com/2025/07/19/these-are-our-favorite-cyber-books-on-hacking-espionage-crypto-surveillance-and-more/
-
Novel malware from Russia’s APT28 prompts LLMs to create malicious Windows commands
Tags: ai, api, attack, computer, control, cyber, cyberattack, cybercrime, data, detection, dos, exploit, government, group, hacking, infrastructure, intelligence, LLM, malicious, malware, military, network, phishing, programming, russia, service, tool, ukraine, vulnerability, windows
… .pif (MS-DOS executable) extension, though variants with .exe and .py extensions have also been observed. CERT-UA attributes these attacks to a group it tracks as UAC-0001, but which is better known in the security community as APT28. Western intelligence agencies have officially associated this group with Unit 26165, or the 85th Main Special Service Center (GTsSS)…
-
Texas Drug, Alcohol Testing Firm Hack Affects Nearly 750,000
Cybercrime Group Bian Lian Claimed Responsibility for Attack Last Year. A Texas-based firm that conducts workplace drug and alcohol testing for private employers and for compliance with state and federal agencies, including the Department of Transportation, disclosed to regulators that a July 2024 hacking incident affected nearly 750,000 people. First seen on govinfosecurity.com Jump to…
-
China’s Massistant Tool Secretly Extracts SMS, GPS Data, and Images From Confiscated Phones
Cybersecurity researchers have shed light on a mobile forensics tool called Massistant that’s used by law enforcement authorities in China to gather information from seized mobile devices. The hacking tool, believed to be a successor of MFSocket, is developed by a Chinese company named SDIC Intelligence Xiamen Information Co., Ltd., which was formerly known as Meiya…
-
Broadcom patches critical VMware flaws exploited at Pwn2Own Berlin 2025
VMware patched flaws disclosed during the Pwn2Own Berlin 2025 hacking contest, where researchers earned $340,000 for exploiting them. Broadcom patched four vulnerabilities in VMware products demonstrated at Pwn2Own Berlin 2025. White hat hackers earned over $340,000 for VMware exploits, including $150,000 awarded to STARLabs SG for using an integer overflow flaw to compromise VMware ESXi. Below…
-
VMware fixes four ESXi zero-day bugs exploited at Pwn2Own Berlin
VMware fixed four vulnerabilities in VMware ESXi, Workstation, Fusion, and Tools that were exploited as zero-days during the Pwn2Own Berlin 2025 hacking contest in May 2025. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/vmware-fixes-four-esxi-zero-day-bugs-exploited-at-pwn2own-berlin/
-
Dermatology, Imaging Hacks Expose 3.3 Million Patients’ PHI
Incidents Rank Among the Top Five Health Data Breaches in 2025 – So Far. A Maryland dermatology practice and a Virginia radiology organization have each reported to regulators separate hacking incidents that in total affected the information of more than 3.3 million patients. The incidents rank among the five largest health data breaches reported in…
-
Breach Roundup: Fashion House Louis Vuitton Confirms Breach
Also: CISA Warns of Unpatched Train Brake Vulnerability. This week: Louis Vuitton and Co-op confirm breaches, unpatched train brake flaw, Barclays fined £42M for financial crime failures, secret U.K. program relocated thousands of Afghans, ex-soldier pleads guilty to hacking, Ukrainian hackers claim hit on Russian drone supplier. First seen on govinfosecurity.com Jump to article:…
-
Armenian, Ukrainian nationals among Ryuk ransomware actors facing US hacking charges
Armenian national Karen Serobovich Vardanyan, 33, was extradited from Ukraine last month and now faces up to five years in prison for his role in Ryuk, prosecutors said on Wednesday. First seen on therecord.media Jump to article: therecord.media/ryuk-ransomware-actors-legal-action
-
Chinese hackers breached National Guard to steal network configurations
The Chinese state-sponsored hacking group known as Salt Typhoon breached and remained undetected in a U.S. Army National Guard network for nine months in 2024, stealing network configuration files and administrator credentials that could be used to compromise other government networks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/chinese-hackers-breached-national-guard-to-steal-network-configurations/
-
U.S. Army soldier pleads guilty to extorting 10 tech, telecom firms
A 21-year-old former U.S. Army soldier pleaded guilty to charges of hacking and extorting at least ten telecommunications and technology companies in the country. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/us-army-soldier-pleads-guilty-to-extorting-10-tech-telecom-firms/
-
Operation Eastwood disrupted operations of pro-Russian hacker group NoName057(16)
International law enforcement operation disrupted the activities of the pro-Russia hacking group NoName057(16). European and U.S. authorities disrupted the activities of the pro-Russian hacktivist group NoName057(16) in Operation Eastwood. “Between 14 and 17 July, a joint international operation, known as Eastwood and coordinated by Europol and Eurojust, targeted the cybercrime network NoName057(16). Law enforcement and…
-
Hackers Use Backdoor to Steal Data From SonicWall Appliance
Tags: backdoor, breach, credentials, cybercrime, data, google, group, hacker, hacking, intelligence, ransomware, threat
Hacking Group UNC6148 Steals Credentials With New OVERSTEP Rootkit, Google Says. A cybercrime group used a backdoor in a fully patched SonicWall appliance to steal credentials and may have sold the stolen data to ransomware groups as part of an ongoing campaign, Google Threat Intelligence Group found. The firm attributed the campaign to a cybercrime…
-
Ukraine-aligned hackers claim cyberattack on major Russian drone supplier
Ukraine’s military intelligence agency confirmed that it participated with two volunteer hacking groups in an operation against Gaskar Group, a Russian drone company. First seen on therecord.media Jump to article: therecord.media/ukraine-hackers-claim-attack-russia-gaskar-group-drone-maker
-
Salt Typhoon breach: Chinese APT compromises U.S. Army National Guard network
China-linked APT Salt Typhoon breached a U.S. Army National Guard unit’s network, accessed configs, and intercepted communications with other units. A DoD report warns that China-nexus hacking group Salt Typhoon breached a U.S. state’s Army National Guard network from March to December 2024. The APT stole network configs, admin credentials, and data exchanged with units…

