Tag: hacking
-
BreachForums hacking forum admin resentenced to three years in prison
Tags: hacking
Conor Brian Fitzpatrick, the 22-year-old behind the notorious BreachForums hacking forum, was resentenced today to three years in prison after a federal appeals court overturned his prior sentence of time served and 20 years of supervised release. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/breachforums-hacking-forum-admin-resentenced-to-three-years-in-prison/
-
CobaltStrike’s AI-native successor, ‘Villager,’ makes hacking too easy
Tags: ai, attack, control, credentials, detection, exploit, framework, governance, hacking, identity, incident response, intelligence, network, pypi, RedTeam, risk, supply-chain, threat, update, vulnerability, windows
Supply chain and detection risks: Villager’s presence on a trusted public repository like PyPI, where it was downloaded over 10,000 times over the last two months, introduces a new vector for supply chain compromise. Jason Soroko, senior fellow at Sectigo, advised that organizations “focus first on package provenance by mirroring PyPI, enforcing allow lists for…
-
YesWeHack Bug Bounty Boosts Security Collaboration
Live Hacking Event Offers New Insights Over Traditional Testing. In today’s threat landscape, as attackers grow more sophisticated, organizations are finding that direct collaboration between ethical hackers and development teams offers advantages traditional testing methods can’t always match. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/yeswehack-bug-bounty-boosts-security-collaboration-a-29446
-
New Zealand sanctions Russian military hackers over cyberattacks on Ukraine
New Zealand has imposed sanctions on Russian military intelligence hackers accused of cyberattacks on Ukraine, including members of a notorious hacking unit previously tied to destructive malware campaigns. First seen on therecord.media Jump to article: therecord.media/new-zealand-russia-gru-ukraine
-
Scattered Spider’s ‘retirement’ announcement: genuine exit or elaborate smokescreen?
Tags: ai, breach, crowdstrike, cybersecurity, data, data-breach, disinformation, google, group, hacking, infrastructure, international, law, mandiant, password, ransomware, tactics, threat
Law enforcement pressure: real but limited impact: The letter explicitly acknowledged the mounting international pressure that supposedly drove their decision. “We want to share a thought for the eight people that have been raided or arrested in relations to these campaigns, Scattered Spider and/or ShinyHunters groups since beginning on April 2024 and thereafter 2025, and especially…
-
Here’s the tech powering ICE’s deportation crackdown
From phone spyware and facial recognition to forensic phone hacking technology to databases and more, this tech powers Trump’s deportation machine. First seen on techcrunch.com Jump to article: techcrunch.com/2025/09/13/heres-the-tech-powering-ices-deportation-crackdown/
-
Finnish Vastaamo Hacker Freed While Appealing Conviction
Vastaamo Hacker Aleksanteri Kivimäki Is Free, For Now. A Helsinki court ordered the release of Finland’s most notorious hacker pending the resolution of his appeal of a conviction stemming from the theft of psychotherapy records of 33,000 individuals. Aleksanteri Kivimäki was convicted last year for hacking into now-defunct psychotherapy chain Vastaamo. First seen on govinfosecurity.com…
-
12 digital forensics certifications to accelerate your cyber career
Tags: access, apt, attack, browser, chrome, cloud, computer, corporate, cyber, cybercrime, cybersecurity, data, defense, detection, email, endpoint, exploit, google, government, group, hacker, hacking, Hardware, incident response, international, jobs, law, malicious, malware, microsoft, mobile, network, phone, service, skills, soc, technology, threat, tool, training, windows
Cellebrite Certified Mobile Examiner (CCME), Certified Computer Examiner (CCE), CyberSecurity Forensic Analyst (CSFA), EC-Council Computer Hacking Forensic Investigator (CHFI), EnCase Certified Examiner (EnCE), Exterro AccessData Certified Examiner (ACE), GIAC Advanced Smartphone Forensics Certification (GASF), GIAC Certified Forensics Analyst (GCFA), GIAC Certified Forensic Examiner (GCFE), GIAC Cloud Forensic Responder (GCFR), GIAC Network Forensic Analysis (GNFA), Magnet Certified Forensics Examiner (MCFE)
Cellebrite Certified Mobile Examiner (CCME) Out of…
-
Kids in the UK are hacking their own schools for dares and notoriety
Kids are making a mark in the U.K.’s cybersecurity arena, and not in the way their parents want them to. First seen on techcrunch.com Jump to article: techcrunch.com/2025/09/11/kids-in-the-uk-are-hacking-their-own-schools-for-dares-and-notoriety/
-
China’s ‘Typhoons’ changing the way FBI hunts sophisticated threats
Two major hacking groups have pushed the bureau to adapt how they respond to stealthier, more patient attacks, a top FBI official said. First seen on cyberscoop.com Jump to article: cyberscoop.com/chinas-typhoons-changing-the-way-fbi-hunts-sophisticated-threats/
-
Eperi puts data sovereignty and quantum-hacking resilience in focus at it-sa
With the right encryption technology, companies can already ensure data sovereignty and protection against potential quantum-computing hacks today. The encryption company Eperi is presenting its modern encryption portfolio at this year's it-sa (Hall 9, Stand 346), with which companies can protect their sensitive data not only against current threats but also against possible future attacks. In doing so, Eperi places particular emphasis…
-
SpamGPT: New AI Email Attack Tool Fueling Massive Phishing Operations
A novel AI-driven email attack toolkit named SpamGPT has surfaced on underground hacking forums, promising cybercriminals an all-in-one platform for launching large-scale phishing campaigns. Advertised as an “AI-powered spam-as-a-service” solution, SpamGPT automates compromise of email servers, bypasses major spam filters, and offers marketing-style campaign analytics. Security researchers warn that its user-friendly interface and AI-assisted content generation significantly…
-
CISA orders federal agencies to patch Sitecore zero-day following hacking reports
Tags: cisa, cybersecurity, exploit, hacking, infrastructure, mandiant, update, vulnerability, zero-day
After the notices from Sitecore and Mandiant on Wednesday, the Cybersecurity and Infrastructure Security Agency (CISA) added the vulnerability to its exploited bugs catalog, giving all federal civilian agencies three weeks to patch it. First seen on therecord.media Jump to article: therecord.media/cisa-orders-patch-for-sitecore-zero-day
-
$10M reward for Russia’s FSB officers accused of hacking US Critical infrastructure
US offers $10M for Russian FSB officers Tyukov, Gavrilov & Akulov, accused of attacking US critical infrastructure and over 500 energy firms worldwide. The US Department of State is offering up to $10M for info on FSB officers Pavel Aleksandrovich Akulov, Mikhail Mikhailovich Gavrilov, and Marat Valeryevich Tyukov, accused of hacking US infrastructure and over…
-
Russian APT28 Deploys “NotDoor” Outlook Backdoor Against Companies in NATO Countries
The Russian state-sponsored hacking group tracked as APT28 has been attributed to a new Microsoft Outlook backdoor called NotDoor in attacks targeting multiple companies from different sectors in NATO member countries. NotDoor “is a VBA macro for Outlook designed to monitor incoming emails for a specific trigger word,” S2 Grupo’s LAB52 threat intelligence team said. “When…
-
GhostRedirector Emerges as New China-Aligned Threat Actor
A newly identified hacking group named GhostRedirector has compromised 65 Windows servers using previously unknown tools. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ghostredirector-new-china-threat/
-
Russia’s APT28 Targets Microsoft Outlook With ‘NotDoor’ Malware
The notorious Russian state-sponsored hacking unit, also known as Fancy Bear, is abusing Microsoft Outlook for covert data exfiltration. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/apt28-outlook-notdoor-backdoor
-
It looks like you’re ransoming data. Would you like some help?
AI-powered ransomware, extortion chatbots, vibe hacking … just wait until agents replace affiliates. First seen on theregister.com Jump to article: www.theregister.com/2025/09/03/ransomware_ai_abuse/
-
Hacking group linked to M&S breach claim responsibility for Jaguar Land Rover cyber-attack
Britain’s biggest car maker halts production at key sites after English-speaking hackers disrupt IT systems. A group of English-speaking hackers linked to the Marks & Spencer cyber-attack has claimed responsibility for an attack on Jaguar Land Rover. A channel on the Telegram platform posted a screenshot of what appeared to be the car maker’s internal IT systems,…
-
Amazon shuts down watering hole attack attributed to Russia’s APT29 hacking group
In October 2024, Amazon disrupted another APT29 operation that attempted to use phishing domains impersonating AWS. First seen on therecord.media Jump to article: therecord.media/amazon-shuts-down-apt29-watering-hole-attack
-
Palo Alto Networks, Zscaler customers impacted by supply chain attacks
A hacking campaign using credentials linked to Salesloft Drift has impacted a growing number of companies, including downstream customers of leading cybersecurity firms. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/palo-alto-networks-zscaler-supply-chain-attacks/758990/
-
Prompt Injection Attacks Can Exploit AI-Powered Cybersecurity Tools
Researchers have demonstrated that advanced prompt injection techniques can turn defensive AI agents into potent vectors for system compromise. The findings, detailed in a new preprint titled “Cybersecurity AI: Hacking the AI Hackers via Prompt Injection,” expose a fundamental architectural weakness in large language model (LLM)-based security tools that could upend trust in automated pen-testing…
-
Event Horizon for Vibe Hacking Draws Closer, Anthropic Warns
Cyber Extortion Campaign Automated Efforts to ‘Unprecedented’ Degree, Says AI Giant. Artificial intelligence giant Anthropic said it’s disrupted a cybercrime operation that tapped its large language models, including Claude Code, to an unprecedented extent to help automate a data theft and extortion campaign that targeted more than a dozen critical infrastructure organizations. First seen on…
-
ScarCruft Uses RokRAT Malware in Operation HanKook Phantom Targeting South Korean Academics
Cybersecurity researchers have discovered a new phishing campaign undertaken by the North Korea-linked hacking group called ScarCruft (aka APT37) to deliver a malware known as RokRAT. The activity has been codenamed Operation HanKook Phantom by Seqrite Labs, stating the attacks appear to target individuals associated with the National Intelligence Research Association, including academic figures First seen…

