Tag: hacking
-
Western intelligence agencies unite to expose Russian hacking campaign against logistics and tech firms
Twenty-one intelligence agencies from 11 allied nations pointed to the Russian hacking operation known as Fancy Bear or APT28 as the source of a widespread campaign to hack into Western logistics and technology companies. First seen on therecord.media Jump to article: therecord.media/western-intelligence-alert-russia-hackers-logistics-fancy-bear-apt28
-
Hacking contest exposes VMware security
In what has been described as a historical first, hackers in Berlin have been able to demo successful attacks on the ESXi hypervisor First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366624198/Hacking-contest-exposes-VMware-security
-
VanHelsing ransomware builder leaked on hacking forum
The VanHelsing ransomware-as-a-service operation published the source code for its affiliate panel, data leak blog, and Windows encryptor builder after an old developer tried to sell it on the RAMP cybercrime forum. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/vanhelsing-ransomware-builder-leaked-on-hacking-forum/
-
Uncensored AI Tool Raises Cybersecurity Alarms
The Venice.ai chatbot gained traction in hacking forums for its uncensored access to advanced models First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/uncensored-ai-tool-cybersecurity/
-
‘Whatever we did was not enough’: How Salt Typhoon slipped through the government’s blind spots
Seven sources tell CyberScoop that a lack of coordination and miscommunication between federal agencies and the telecommunications industry left critical networks exposed to the Chinese hacking group. First seen on cyberscoop.com Jump to article: cyberscoop.com/salt-typhoon-us-government-response/
-
Chinese Hackers Deploy MarsSnake Backdoor in Multi-Year Attack on Saudi Organization
Tags: attack, backdoor, china, data-breach, email, group, hacker, hacking, international, phishing, spear-phishing, tactics, threatThreat hunters have exposed the tactics of a China-aligned threat actor called UnsolicitedBooker that targeted an unnamed international organization in Saudi Arabia with a previously undocumented backdoor dubbed MarsSnake.ESET, which first discovered the hacking group’s intrusions targeting the entity in March 2023 and again a year later, said the activity leverages spear-phishing emails using First…
-
Debt Collector Hack Affects Long List of Clients, Patients
Healthcare Providers Are Among Nationwide Recovery Service Data Breach Victims. A 2024 hacking incident at a debt collection firm has affected a growing list of clients and at least hundreds of thousands of individuals so far, including 210,000 patients of Harbin Clinic in Georgia and nearly 90,000 patients of Texas-based Vitruvian Health, also known as…
-
Mozilla fixed zero-days recently demonstrated at Pwn2Own Berlin 2025
Mozilla addressed two critical Firefox vulnerabilities that could be potentially exploited to access sensitive data or achieve code execution. Mozilla released security updates to fix two critical vulnerabilities in the Firefox browser that could be potentially exploited to access sensitive data or achieve code execution. >>This week at the security hacking competition pwn2own, security researchers…
-
Mozilla fixes Firefox zero-days exploited at hacking contest
Mozilla released emergency security updates to address two Firefox zero-day vulnerabilities demonstrated in the recent Pwn2Own Berlin 2025 hacking competition. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/mozilla-fixes-firefox-zero-days-exploited-at-hacking-contest/
-
Hackers earn $1,078,750 for 28 zero-days at Pwn2Own Berlin
The Pwn2Own Berlin 2025 hacking competition has concluded, with security researchers earning $1,078,750 after exploiting 29 zero-day vulnerabilities and encountering some bug collisions. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-earn-1-078-750-for-28-zero-days-at-pwn2own-berlin/
-
Pwn2Own Day 3: Zero-Day Exploits Windows 11, VMware ESXi, and Firefox
The Pwn2Own Berlin 2025 last day ended with impressive technological accomplishments, bringing the total prize money over one million dollars. Security researchers demonstrated sophisticated exploitation techniques against high-profile targets including Windows 11, VMware ESXi, and Mozilla Firefox, revealing critical zero-day vulnerabilities that vendors must now address. The three-day hacking competition showcased 28 unique zero-day vulnerabilities,…
-
SEC SIM Swapper Gets 14 Months for X Account Hijack
Tags: hackingAn Alabama man has been sentenced to 14 months for hacking the SEC’s X account First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/sec-sim-swapper-14-months-x/
-
Pwn2Own Berlin 2025 Day Two: researcher earned 150K hacking VMware ESXi
On day two of Pwn2Own Berlin 2025, participants earned $435,000 for demonstrating zero-day in SharePoint, ESXi, VirtualBox, RHEL, and Firefox. On day two of Pwn2Own Berlin 2025, bug hunters earned a total of $435,000, which brings the contest total to $695,000, after $260,000 was awarded during the first day of the competition. The participants demonstrated…
-
Dynamic DNS Emerges as Go-to Cyberattack Facilitator
Scattered Spider and other phishers and hacking groups are using rentable subdomains from dynamic DNS providers to obfuscate their activity and impersonate well-known brands. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/dynamic-dns-cyberattack-facilitator
-
Scattered Spider hackers in UK are ‘facilitating’ cyber-attacks, says Google
US retailers being targeted after attacks on Britain’s Marks & Spencer, the Co-op and HarrodsUK-based members of the Scattered Spider hacking community are actively “facilitating” cyber-attacks, according to Google, as disruption to British retailers spreads to the US.A group of hackers labelled “Scattered Spider” have been linked with attacks on UK retailers <a href=”https://www.theguardian.com/business/2025/may/13/m-and-s-personal-data-cyber-attack-marks-spencer-card-passwords”>Marks &…
-
Why we must reform the Computer Misuse Act: A cyber pro speaks out
Britain’s outdated hacking laws are leaving the UK’s cyber practitioners hamstrung and afraid. Security professional Simon Whittaker reveals how he nearly ran afoul of the Computer Misuse Act, and why he’s speaking out for reform First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366623789/Why-we-must-reform-the-Computer-Misuse-Act-A-cyber-pro-speaks-out
-
Russian military cadet reportedly arrested for selling hacking tool to FSB agent
A Russian military cadet reportedly developed an algorithm that could bypass the protective infrastructure of law enforcement software and gain access to restricted data. First seen on therecord.media Jump to article: therecord.media/russian-military-cadet-reportedly-arrested-for-selling-hacking-tool
-
FBI and Dutch police seize and shut down botnet of hacked routers
U.S. authorities indicted three Russians and one Kazakhstan national for hacking and selling access to a botnet made of vulnerable internet-connected devices. First seen on techcrunch.com Jump to article: techcrunch.com/2025/05/09/fbi-and-dutch-police-seize-and-shut-down-botnet-of-hacked-routers/
-
BSidesLV24 Hacking Trust Establishment
Author/Presenter: Carrie Randolph Our sincere appreciation to BSidesLV, and the Presenters/Authors for publishing their erudite Security BSidesLV24 content. Originating from the conference’s events located at the Tuscany Suites & Casino; and via the organizations YouTube channel. Permalink First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/05/bsideslv24-hacking-trust-establishment/
-
Chinese Hackers Exploit SAP RCE Flaw CVE-2025-31324, Deploy Golang-Based SuperShell
A China-linked unnamed threat actor dubbed Chaya_004 has been observed exploiting a recently disclosed security flaw in SAP NetWeaver.Forescout Vedere Labs, in a report published today, said it uncovered a malicious infrastructure likely associated with the hacking group weaponizing CVE-2025-31324 (CVSS score: 10.0) since April 29, 2025.CVE-2025-31324 refers to a critical SAP NetWeaver flaw First…
-
Shaping tomorrow’s cyber defenders: Why the Hacking Games gives me hope for Generations Z, A and beyond
First seen on scworld.com Jump to article: www.scworld.com/perspective/shaping-tomorrows-cyber-defenders-why-the-hacking-games-gives-me-hope-for-generations-z-a-and-beyond
-
Google links new LostKeys data theft malware to Russian cyberspies
Since the start of the year, the Russian state-backed ColdRiver hacking group has been using new LostKeys malware to steal files in espionage attacks targeting Western governments, journalists, think tanks, and non-governmental organizations. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/google-links-new-lostkeys-data-theft-malware-to-russian-cyberspies/
-
Hacker Exploits AI Art Tool to Steal 1.1TB of Disney Data
California Man Pleads Guilty to Two Felony Charges Related to Hacking Employee’s PC. A California man agreed to plead guilty to hacking a Disney employee’s personal computer and stealing over one terabyte of confidential company data. Authorities say the man posted a malicious artificial intelligence art application online and used it to steal an employee’s…
-
Smart Strategies for NHI Deployment
Why Does NHI Management Matter in Today’s Cybersecurity Landscape? Data breaches, hacking and cyber threats are at an all-time high, making cybersecurity a crucial priority for businesses. So, how can organizations effectively secure their digital assets and eliminate potential risks? The answer lies in smart NHI strategies and efficient deployment. But what does this mean,……
-
Jury orders NSO to pay $167 million for hacking WhatsApp users
The verdict is a major victory for opponents of exploit sellers. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/05/jury-orders-nso-to-pay-167-million-for-hacking-whatsapp-users/
-
TeleMessage Goes Dark After Trump Adviser Photo Fallout
Hacker Breaches Government-Approved Messaging App Used by Top Trump Officials. A Signal clone messaging app apparently being used by top advisers to U.S. President Donald Trump abruptly went dark Monday following a reported hacking incident. TeleMessage said it temporarily suspended messaging services out of an abundance of caution. First seen on govinfosecurity.com Jump to article:…
-
Hacking of Signal-like app used by Trump officials reported
Tags: hackingFirst seen on scworld.com Jump to article: www.scworld.com/brief/hacking-of-signal-like-app-used-by-trump-officials-reported
-
Azerbaijan blames Russian state hackers for cyberattacks on local media
The Kremlin-backed hacking group known as APT29 was responsible for a February cyberattack on local media, said Azerbaijan’s government, which has moved to reduce Russian influence recently. First seen on therecord.media Jump to article: therecord.media/azerbaijan-blames-media-cyberattacks-russia-apt29
-
California Man Will Plead Guilty to Last Year’s Disney Hack
A 25-year-old California man will plead guilty to hacking into a Disney’s personal computer and using stolen credentials to break into thousands of Disney Slack channels. Ryan Mitchell Kramer, who claimed to be a member of the Russian group NullBulge, then leaked the data when the victim didn’t respond to his emails. First seen on…