Tag: hacking
-
Utilities Warn US Grid at Risk as Federal Cyber Funds Dry Up
Federal Cuts Threaten Grid Security as Nation-State Hackings Escalate, Analysts Say. Cybersecurity leaders told Congress that U.S. energy systems are already compromised by state-backed actors – chiefly China – and warned that shrinking federal support for grid security programs threatens to worsen exposure as utilities face escalating threats with limited resources. First seen on govinfosecurity.com…
-
University of Pennsylvania and University of Phoenix disclose data breaches
The University of Pennsylvania and the University of Phoenix confirm they were hit in the Oracle E-Business Suite hacking campaign. The University of Pennsylvania (Penn) and the University of Phoenix confirmed they were hit in the recent cyberattack targeting Oracle E-Business Suite customers. Penn explained that it uses Oracle’s E-Business Suite (EBS) platform for supplier…
-
Iran-Linked Hackers Hits Israeli Sectors with New MuddyViper Backdoor in Targeted Attacks
Israeli entities spanning academia, engineering, local government, manufacturing, technology, transportation, and utilities sectors have emerged as the target of a new set of attacks undertaken by Iranian nation-state actors that have delivered a previously undocumented backdoor called MuddyViper.The activity has been attributed by ESET to a hacking group known as MuddyWater (aka Mango First seen…
-
Albiriox Malware Emerges, Targeting Android Users for Full Device Takeover
A dangerous new Android malware called Albiriox has been discovered by security researchers, posing a serious threat to mobile banking and cryptocurrency users worldwide. The malware operates as a Malware-as-a-Service (MaaS), allowing cybercriminals to rent access to this powerful hacking tool for monthly fees ranging from $650 to $720. The Cleafy Threat Intelligence team first identified Albiriox…
-
Poland detains Russian citizen suspected of hacking local firms
The suspect, whose identity has not been disclosed, illegally crossed into Poland in 2022 and obtained refugee status the following year. First seen on therecord.media Jump to article: therecord.media/poland-detains-russian-citizen-accused-of-hacks
-
State-backed spyware attacks are targeting Signal and WhatsApp users, CISA warns
CISA, the US Cybersecurity and Infrastructure Security Agency, has issued a new warning that cybercriminals and state-backed hacking groups are using spyware to compromise smartphones belonging to users of popular encrypted messaging apps such as Signal, WhatsApp, and Telegram. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/state-backed-spyware-attacks-are-targeting-signal-and-whatsapp-users-cisa-warns
-
Price Drop: This Complete Ethical Hacking Bundle is Now $33
Get a comprehensive, potentially lucrative ethical hacking education with 18 courses on today’s top tools and tech. This bundle is just $34.97 for a limited time. The post Price Drop: This Complete Ethical Hacking Bundle is Now $33 appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/ethical-hacking-course-bundle/
-
Reward-Hacking Training Produces Malicious Cross-Task Behaviors
Anthropic researchers have discovered a troubling phenomenon in the development of artificial intelligence: when large language models learn to >>reward hack
-
Reward-Hacking Training Produces Malicious Cross-Task Behaviors
Anthropic researchers have discovered a troubling phenomenon in the development of artificial intelligence: when large language models learn to >>reward hack
-
Underground AI models promise to be hackers ‘cyber pentesting waifu’
Tier-based subscriptions, hacker specific training datasets and playful personalities are part of a growing underground criminal market for custom AI hacking tools. First seen on cyberscoop.com Jump to article: cyberscoop.com/malicious-llm-tools-cybercrime-wormgpt-kawaiigpt/
-
ToddyCat’s New Hacking Tools Steal Outlook Emails and Microsoft 365 Access Tokens
The threat actor known as ToddyCat has been observed adopting new methods to obtain access to corporate email data belonging to target companies, including using a custom tool dubbed TCSectorCopy.”This attack allows them to obtain tokens for the OAuth 2.0 authorization protocol using the user’s browser, which can be used outside the perimeter of the…
-
ToddyCat’s New Hacking Tools Steal Outlook Emails and Microsoft 365 Access Tokens
The threat actor known as ToddyCat has been observed adopting new methods to obtain access to corporate email data belonging to target companies, including using a custom tool dubbed TCSectorCopy.”This attack allows them to obtain tokens for the OAuth 2.0 authorization protocol using the user’s browser, which can be used outside the perimeter of the…
-
AI Agent Does the Hacking: First Documented AI-Orchestrated Cyber Espionage
In this episode, we discuss the first reported AI-driven cyber espionage campaign, as disclosed by Anthropic. In September 2025, a state-sponsored Chinese actor manipulated the Claude Code tool to target 30 global organizations. We explain how the attack was executed, why it matters, and its implications for cybersecurity. Join the conversation as we examine the……
-
AI Agent Does the Hacking: First Documented AI-Orchestrated Cyber Espionage
In this episode, we discuss the first reported AI-driven cyber espionage campaign, as disclosed by Anthropic. In September 2025, a state-sponsored Chinese actor manipulated the Claude Code tool to target 30 global organizations. We explain how the attack was executed, why it matters, and its implications for cybersecurity. Join the conversation as we examine the……
-
CrowdStrike Fires Employee for Leaking Internal System Info to Hackers
Cybersecurity giant CrowdStrike has terminated an employee who allegedly shared sensitive internal system information with a notorious hacking collective. The incident involved the leak of internal screenshots posted on a public Telegram channel operated by the threat group known as >>Scattered Lapsus$ Hunters>>. Insider Threat Detected Through Screen Sharing The leaked images displayed internal dashboards,…
-
Chinese APT24 Deploys Custom Malware, New Stealthy Tactics
3-Year Espionage Campaign Targeted Taiwanese Firms. Chinese nation-state group APT24 targeted multiple Taiwanese companies as part of an espionage operation that went undetected for three years. The hacking group continually updated its malware infrastructure and tactics, enabling it to stay under the radar, Google Cloud said. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/chinese-apt24-deploys-custom-malware-new-stealthy-tactics-a-30103
-
SEC Ends SolarWinds Suit After Major Legal Setbacks
High-Profile Case Ends After Judge Guts SEC’s Cyber Fraud Allegations. The SEC has dropped its remaining claims against SolarWinds and CISO Tim Brown, ending a controversial cyber fraud lawsuit that aimed to expand securities law to cover operational security failures tied to the 2020 Russian hacking campaign. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/sec-ends-solarwinds-suit-after-major-legal-setbacks-a-30101
-
FCC rolls back cybersecurity rules for telcos, despite state-hacking risks
The Federal Communications Commission (FCC) has rolled back a previous ruling that required U.S. telecom carriers to implement stricter cybersecurity measures following the massive hack from the Chinese threat group known as Salt Typhoon. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fcc-rolls-back-cybersecurity-rules-for-telcos-despite-state-hacking-risks/
-
UNC2891 Hackers Use Raspberry Pi and Fake Cards to Steal ATM Cash
A secretive cybercrime group called UNC2891 has been quietly draining ATMs across Southeast Asian banks for years, using an ingenious combination of custom malware and hidden hardware. Recent research from Group-IB reveals how this financially motivated threat actor has maintained invisible access to dozens of banking systems since 2017, employing techniques that blend digital hacking…
-
Two suspected Scattered Spider hackers plead not guilty over Transport for London cyberattack
Two U.K. teenagers pleaded not guilty to hacking the Transport for London agency in 2024, an attack attributed to the Scattered Spider cybercrime group. First seen on therecord.media Jump to article: therecord.media/transport-for-london-hack-scattered-spider-suspects-plead-not-guilty
-
Google says hackers stole data from 200 companies following Gainsight breach
Notorious hacking collective Scattered Lapsus$ Hunters takes credit for the breach that affected Salesforce customers’ data, and said it is planning another extortion campaign. First seen on techcrunch.com Jump to article: techcrunch.com/2025/11/21/google-says-hackers-stole-data-from-200-companies-following-gainsight-breach/
-
Massive Hacking Operation WrtHug Compromises Thousands of ASUS Routers Worldwide
Your home router, the device connecting you to the internet, may have been silently compromised as part of a coordinated global espionage campaign. SecurityScorecard’s STRIKE team has uncovered Operation WrtHug. This massive hacking operation has infiltrated thousands of ASUS routers worldwide, establishing what appears to be a state-sponsored infrastructure for persistent network access and deep…
-
Massive Hacking Operation WrtHug Compromises Thousands of ASUS Routers Worldwide
Your home router, the device connecting you to the internet, may have been silently compromised as part of a coordinated global espionage campaign. SecurityScorecard’s STRIKE team has uncovered Operation WrtHug. This massive hacking operation has infiltrated thousands of ASUS routers worldwide, establishing what appears to be a state-sponsored infrastructure for persistent network access and deep…
-
ThreatsDay Bulletin: 0-Days, LinkedIn Spies, Crypto Crimes, IoT Flaws and New Malware Waves
This week has been crazy in the world of hacking and online security. From Thailand to London to the US, we’ve seen arrests, spies at work, and big power moves online. Hackers are getting caught. Spies are getting better at their jobs. Even simple things like browser add-ons and smart home gadgets are being used…
-
Attack Surface Management ein Kaufratgeber
Tags: ai, api, attack, business, cloud, crowdstrike, cyber, cyberattack, cybersecurity, data, detection, dns, framework, hacker, hacking, HIPAA, incident response, infrastructure, intelligence, Internet, microsoft, monitoring, network, open-source, PCI, penetration-testing, risk, service, soc, software, supply-chain, threat, tool, update, vulnerabilityMit diesen Attack Surface Management Tools sorgen Sie im Idealfall dafür, dass sich Angreifer gar nicht erst verbeißen.Regelmäßige Netzwerk-Scans reichen für eine gehärtete Angriffsfläche nicht mehr aus. Um die Sicherheit von Unternehmensressourcen und Kundendaten zu gewährleisten, ist eine kontinuierliche Überwachung auf neue Ressourcen und Konfigurationsabweichungen erforderlich. Werkzeuge im Bereich Cyber Asset Attack Surface Management (CAASM)…
-
New ShadowRay Exploit Targets Vulnerability in Ray AI Framework to Attack AI Systems
Tags: ai, attack, botnet, computing, control, cyber, exploit, framework, hacking, intelligence, open-source, vulnerabilityOligo Security researchers have uncovered an active global hacking campaign that leverages artificial intelligence to attack AI infrastructure. The operation, dubbed ShadowRay 2.0, exploits a known yet disputed vulnerability in Ray an open-source framework powering numerous AI systems worldwide to seize control of computing clusters and conscript them into a self-replicating botnet capable of cryptojacking,…
-
50,000 CCTVs Hacked in India: Intimate Hospital Footage Sold Online
A disturbing case of hacking CCTV systems in India has exposed a widespread cybercrime racket through which intimate videos from a maternity ward were stolen and sold online. Police in Gujarat state say the discovery has raised concern for surveillance practices in a country where cameras are routinely placed across public and private spaces. First…
-
Anthropic AI-powered cyberattack causes a stir
Tags: ai, attack, china, cyber, cyberattack, cybersecurity, espionage, finance, government, group, hacking, programming, technology, toolAI “‹”‹company Anthropic recently announced that companies worldwide have been attacked by an AI-powered cyber espionage campaign. It is purported to be the first publicly documented case of a cyberattack carried out by an AI model.According to the research report, around 30 organizations worldwide were affected by the attacks. These included large technology companies, financial institutions,…
-
Google Finds New Malware Backdoors Linked to Iran
Hacking Group Deploys Raft of Custom Malware Variants. An Iranian state hacking group with a history of targeting aerospace, aviation and defense industries across the Middle East has improved its tooling with multiple custom malware variants, warned Google. The group, tracked as UNC1549, is suspected of ties to the Iranian Revolutionary Guard Corps. First seen…