Tag: hacking
-
MuddyWater Uses DLL Side-Loading in Espionage Campaign Targeting 9 Countries
The Iranian hacking group known as MuddyWater has been linked to a new campaign affecting at least nine organizations across nine countries on four continents in the first quarter of 2026.The activity targeted industrial and electronics manufacturing, education and public-sector bodies, financial services, and professional services, per the Threat Hunter Team from Symantec and Carbon…
-
Ghost hackers: the cybersecurity mystery that nobody has solved
A shadowy group that stole and dumped the NSA’s most powerful hacking tools still has implications for how companies think about digital risk today. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/26/ghost-hackers-the-cybersecurity-mystery-that-nobody-has-solved/
-
Ghost hackers: the cybersecurity mystery that nobody has solved
A shadowy group that stole and dumped the NSA’s most powerful hacking tools still has implications for how companies think about digital risk today. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/26/ghost-hackers-the-cybersecurity-mystery-that-nobody-has-solved/
-
Ghost hackers: the cybersecurity mystery that nobody has solved
A shadowy group that stole and dumped the NSA’s most powerful hacking tools still has implications for how companies think about digital risk today. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/26/ghost-hackers-the-cybersecurity-mystery-that-nobody-has-solved/
-
7-Eleven data breach exposes personal information of 185,000 people
The ShinyHunters extortion gang stole the personal information of over 183,000 people after hacking the systems of convenience store chain giant 7-Eleven in April, according to data breach notification service Have I Been Pwned. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/7-eleven-data-breach-exposes-personal-information-of-185-000-people/
-
Jailbroken Gemini AI Abused in Credential Theft and Crypto Wallet Heist
Jailbroken Gemini AI has been weaponised in a long-running campaign that combined political influence, credential theft, and a cryptocurrency wallet heist, all operated by a single threat actor using a fake “patriot” persona. Trend Micro researchers recently documented how a solo Russian-speaking criminal, tracked as “bandcampro,” abused a compromised Gemini setup to automate content, hacking…
-
340 Million OnlyFans Profiles Allegedly Rebuilt from Leaks
A hacker is selling a 340M-strong OnlyFans-linked dataset built by correlating old breaches and public data, not by hacking OnlyFans directly. A threat actor is adverertising a purported database containing data of 340 million OnlyFans users, but the available evidence points to something less dramatic than a direct breach. According to HackRead, which reported the…
-
340 Million OnlyFans Profiles Allegedly Rebuilt from Leaks
A hacker is selling a 340M-strong OnlyFans-linked dataset built by correlating old breaches and public data, not by hacking OnlyFans directly. A threat actor is adverertising a purported database containing data of 340 million OnlyFans users, but the available evidence points to something less dramatic than a direct breach. According to HackRead, which reported the…
-
Police boast of hacking VPN where criminals believed themselves to be safe
Law enforcement intercepted VPN traffic, seized domains, and arrested its operator. First seen on arstechnica.com Jump to article: arstechnica.com/tech-policy/2026/05/police-boast-of-hacking-vpn-where-criminals-believed-themselves-to-be-safe/
-
KI-Angriffe 2026: Check Point warnt vor AI-Hacking, Jailbreaks und gestohlenen OpenAIKeys
Was bislang als experimentelle Bedrohung galt, entwickelt sich jetzt mit rasanter Geschwindigkeit zum skalierbaren Geschäftsmodell für Angreifer weltweit. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/ki-angriffe-2026-check-point-warnt-vor-ai-hacking-jailbreaks-und-gestohlenen-openai-api-keys/a45280/
-
Belarus-linked hackers use fake training certificates to target Ukrainian officials
A Belarus-linked hacking group known as GhostWriter has launched a new espionage campaign against Ukrainian government officials using fake emails disguised as messages from a popular online learning platform to deliver malware. First seen on therecord.media Jump to article: therecord.media/oysterfresh-belarus-linked-campaign-targets-ukraine
-
Hacking-Cyberdeck: Community soll helfen, den Flipper One zu verwirklichen
Tags: hackingDer Flipper One soll mehr sein als der Zero. Die Entwickler sind mit den geplanten Features aber überfordert. First seen on golem.de Jump to article: www.golem.de/news/hacking-cyberdeck-community-soll-helfen-den-flipper-one-zu-verwirklichen-2605-208944.html
-
Why Smaller Healthcare Providers Remain Easy Targets
Recent Hacks Underscore Persistent and Growing Threats to Smaller Organizations. Small and mid-sized healthcare organizations – including medical specialty practices and regional clinics – continue to fall victim disproportionately to hacking incidents, including ransomware attacks and data thefts – affecting large populations of patients. Why does this keep happening? First seen on govinfosecurity.com Jump to…
-
Public NYC Health System Notifying 1.8M of Hack
Incident Involved an Unnamed Third-Party Vendor. New York City’s municipal healthcare system is notifying nearly 2 million patients of a hacking incident discovered earlier this year involving a third-party vendor. The breach compromised a long list of information, including biometric data such as fingerprints. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/public-nyc-health-system-notifying-18m-hack-a-31726
-
ShinyHunters hack 7-Eleven: franchisee data and Salesforce records exposed
7-Eleven confirmed a breach after ShinyHunters claimed theft of over 600,000 Salesforce records and franchisee data. 7-Eleven has confirmed a data breach after the ShinyHunters hacking group claimed it stole more than 600,000 Salesforce records containing personal and corporate information. >>Over 600k Salesforce records containing PII and other internal corporate data have been compromised.<< The…
-
ShinyHunters hack 7-Eleven: franchisee data and Salesforce records exposed
7-Eleven confirmed a breach after ShinyHunters claimed theft of over 600,000 Salesforce records and franchisee data. 7-Eleven has confirmed a data breach after the ShinyHunters hacking group claimed it stole more than 600,000 Salesforce records containing personal and corporate information. >>Over 600k Salesforce records containing PII and other internal corporate data have been compromised.<< The…
-
Bug bounty businesses bombarded with AI slop
“Never-ending” AI slop strains corporate hacking reward schemes. First seen on arstechnica.com Jump to article: arstechnica.com/ai/2026/05/bug-bounty-businesses-bombarded-with-ai-slop/
-
Hackers earn $1,298,250 for 47 zero-days at Pwn2Own Berlin 2026
The Pwn2Own Berlin 2026 hacking contest has concluded, with security researchers collecting $1,298,250 in rewards after exploiting 47 zero-day flaws. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-earn-1-298-250-for-47-zero-days-at-pwn2own-berlin-2026/
-
OpenAI hit by supply chain attack linked to malicious TanStack packages
OpenAI said the TanStack supply chain attack compromised two employee devices and exposed credentials from code repositories. OpenAI confirmed that the recent TanStack supply chain attack compromised two employee devices and exposed credential material stored in internal source code repositories. The incident began after the TeamPCP hacking group abused weaknesses in the package publishing process…
-
Turla Turns Kazuar Backdoor Into Modular P2P Botnet for Persistent Access
The Russian state-sponsored hacking group known as Turla has transformed its custom backdoor Kazuar into a modular peer-to-peer (P2P) botnet that’s engineered for stealth and persistent access to compromised hosts. Turla, per the U.S. Cybersecurity and Infrastructure Security Agency (CISA), is assessed to be affiliated with Center 16 of Russia’s Federal Security Service (FSB) First…
-
Mustang Panda Linked to New Modular FDMTP Backdoor
Researchers Say Nation-State Actors Are Evolving Persistence Techniques. An apparent Chinese nation-state hacking group gussied up its tooling with new modular functionality, say security researchers who observed a cyberespionage campaign affecting Asia-Pacific governments. The activity resembles attack patterns of the threat actor tracked as Mustang Panda First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/mustang-panda-linked-to-new-modular-fdmtp-backdoor-a-31696
-
FamousSparrow Targeted Oil and Gas Industry via MS Exchange Server Exploit
Bitdefender Labs reveals how the China-linked FamousSparrow hacking group targeted an Azerbaijani energy firm using ProxyNotShell, Deed RAT,… First seen on hackread.com Jump to article: hackread.com/famoussparrow-oil-gas-ms-exchange-server-exploit/
-
Your iPhone Gets Stolen. Then the Hacking Begins
A bustling underground ecosystem is providing criminals with the tools to unlock iPhones”, and wage phishing attacks against their contacts to access bank accounts and more. First seen on wired.com Jump to article: www.wired.com/story/your-iphone-gets-stolen-then-the-hacking-begins/
-
Google Warns Hackers Are Using AI to Build Working Zero-Day Exploits
Artificial intelligence has officially transitioned from an experimental hacking novelty into an industrial-scale weapon for cybercriminals. Google Threat Intelligence Group (GTIG) adversaries are now actively using generative AI models to discover vulnerabilities and engineer functional zero-day exploits. This marks a significant escalation in the cyber threat landscape, shifting AI’s role from a simple research assistant…
-
AI-powered hacking has exploded into industrial-scale threat, Google says
Criminal groups and state-linked actors appear to be using commercial models to refine and scale up attacks<ul><li><a href=”https://viewer.gutools.co.uk/business/live/2026/may/11/uk-economy-job-losses-iran-war-oil-pound-bonds-politics-starmer-live-updates”>Business live latest updates</li></ul>In just three months, AI-powered hacking has gone from a nascent problem to an industrial-scale threat, according to a report from Google.The findings from Google’s threat intelligence group add to an intensifying, global discussion about…
-
Hackers hack victims hacked by other hackers
An unknown group of hackers is breaking into systems previously breached by the cybercrime group TeamPCP. Once inside, the hackers immediately kick out TeamPCP and remove its hacking tools from the victims’ systems. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/07/hackers-hack-victims-hacked-by-other-hackers/
-
UAT-8302 Targets Government Agencies With Custom Malware and Open-Source Tools
A new China-linked hacking group, tracked as UAT-8302, that is using custom malware and open-source tools to spy on government organizations in South America and southeastern Europe. The campaign focuses on long-term access and data theft, combining advanced backdoors like NetDraft and CloudSorcerer with aggressive network reconnaissance and credential theft. Researchers assess with high confidence…
-
After 17 years, Gavril Sandu extradited to U.S. for hacking scheme
Tags: hackingRomanian citizen Gavril Sandu was extradited to the U.S. nearly 17 years after a hacking scheme. He was indicted in 2017 and arrested in 2026. Romanian national Gavril Sandu, 53, has been extradited to the United States for his role in a hacking scheme that took place 17 years ago. >>On November 14, 2017, a…
-
Darkhub HackingHire Portal Promotes Crypto Fraud and Spyware Services
A newly identified dark web platform, Darkhub, is advertising a wide range of hacking-for-hire services, including account compromise, surveillance, and financial manipulation. The service, accessible via the Tor network, presents itself as a centralized hub for offensive cyber capabilities targeting both individuals and organizations. Many similar services historically function as advance-fee scams rather than delivering…