Tag: hacking
-
Serial Hacker Sentenced for Defacing and Hacking Organizational Websites
Al-Tahery Al-Mashriky, 26, of Rotherham, South Yorkshire, was given a 20-month prison sentence for several charges of illegal computer access and data exfiltration, part of a major crackdown on ideologically driven cyberthreats. Al-Mashriky, affiliated with extremist hacking collectives such as the ‘Spider Team’ and ‘Yemen Cyber Army,’ was apprehended in August 2022 by the National…
-
At least three UK organizations hit by SharePoint zero-day hacking campaign
At least three British organizations have reported to the country’s data protection regulator that hackers exploited bugs affecting on-premise Microsoft SharePoint servers. First seen on therecord.media Jump to article: therecord.media/organizations-united-kingdom-sharepoint
-
A hacker tied to Yemen Cyber Army gets 20 months in prison
UK hacker Al-Tahery Al-Mashriky, tied to Yemen Cyber Army, gets 20 months in prison for website defacements and stolen data possession. Al-Tahery Al-Mashriky (26), a man from South Yorkshire, linked to the Yemen Cyber Army, has been sentenced to 20 months in prison for hacking and defacing websites in hacktivist campaigns. The UK’s National Crime…
-
47,000 Individuals Affected by Data Breach, Reveals NY Business Council
The Business Council of New York State, Inc., a prominent commercial organization based in Albany, has disclosed a data breach impacting approximately 47,329 individuals. The breach, characterized as an external system intrusion commonly associated with sophisticated hacking techniques, occurred on February 24, 2025, but was only detected on August 4, 2025 a delay of over…
-
SAP 0-Day Exploit Reportedly Leaked by ShinyHunters Hackers
A sophisticated exploit targeting critical SAP vulnerabilities has been publicly released by the notorious hacking group ShinyHunters, significantly escalating the threat landscape for enterprise SAP environments. The exploit, which chains together multiple zero-day vulnerabilities, was allegedly leaked through the >>Scattered LAPSUS$ Hunters ShinyHunters
-
North Korean Hackers’ Secret Linux Malware Surfaces Online
Phrack Magazine’s latest issue #72 has unveiled a significant data leak from a suspected North Korean hacking operation, including exploit tactics, compromised system details, and a sophisticated Linux rootkit. The dump, linked to a Chinese threat actor targeting South Korean and Taiwanese government and private sectors, shows overlaps with the North Korean Kimsuky APT group.…
-
IBM’s Cost of a Data Breach Report 2025
IBM’s 2025 Cost of a Data Breach Report drives home that point: attackers today are often “logging in rather than hacking in”. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/08/ibms-cost-of-a-data-breach-report-2025/
-
Russian-Linked Curly COMrades Deploy MucorAgent Malware in Europe
A new report from Bitdefender reveals the Russian-linked hacking group Curly COMrades is targeting Eastern Europe with a… First seen on hackread.com Jump to article: hackread.com/russian-curly-comrades-mucoragent-malware-europe/
-
ShinyHunters Claims BreachForums Seized by Law Enforcement, Now a Honeypot
Tags: authentication, breach, communications, cyber, data, hacking, infrastructure, law, privacy, threatThe threat actor known as ShinyHunters has publicly disclosed what they claim is a covert seizure of BreachForums, a notorious online platform used for trading stolen data and discussing illicit hacking activities. According to ShinyHunters’ announcement, the forum’s core infrastructure, including its official Pretty Good Privacy (PGP) key used for cryptographic authentication and secure communications,…
-
Dutch Investigators Blame Hacks on Multiple Threat Actors
NCSC-NL Says Hack of Citrix NetScaler Flaw Also Targeted Critical Infrastructure. A preliminary assessment by the Dutch NCSC into a suspected Russian hacking campaign has concluded that more than one group likely carried out the May breach of the country’s law enforcement network. Investigators say hacks of Citrix NetScaler flaw also targeted critical infrastructure. First…
-
9 things CISOs need know about the dark web
Tags: 2fa, access, ai, attack, automation, backup, blockchain, botnet, breach, captcha, ceo, ciso, communications, corporate, credentials, crypto, cyber, cybercrime, cybersecurity, dark-web, data, data-breach, ddos, deep-fake, defense, detection, dns, exploit, extortion, finance, fraud, group, guide, hacking, identity, incident, incident response, infrastructure, intelligence, international, jobs, law, leak, lockbit, malicious, malware, marketplace, mfa, monitoring, network, open-source, phishing, privacy, ransomware, resilience, risk, russia, saas, scam, service, strategy, tactics, technology, threat, tool, training, vpn, vulnerability, zero-dayNew groups form after major marketplaces are disrupted: International takedown efforts damage infrastructure and curb cybercrime operations by disrupting larger operations, removing major players from the ecosystem and scattering user bases.However, the dark web is highly adaptive and sophisticated actors often maintain contingency plans, including mirrors, backups, and alternative forums, according to Edward Currie, associate…
-
Dutch Investigators Blame Multiple Threat Actors on Hacks
NCSC-NL Says Hack of Citrix NetScaler Flaw Also Targeted Critical Infrastructure. A preliminary assessment by the Dutch NCSC into a suspected Russian hacking campaign has concluded that more than one group likely carried out the May breach of the country’s law enforcement network. Investigators say hacks of Citrix NetScaler flaw also targeted critical infrastructure. First…
-
Details emerge on WinRAR zero-day attacks that infected PCs with malware
Researchers have released a report detailing how a recent WinRAR path traversal vulnerability tracked as CVE-2025-8088 was exploited in zero-day attacks by the Russian ‘RomCom’ hacking group to drop different malware payloads. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/details-emerge-on-winrar-zero-day-attacks-that-infected-pcs-with-malware/
-
Two groups exploit WinRAR flaws in separate cyber-espionage campaigns
A prominent hacking operation known as RomCom and a lesser-known group tracked as Paper Werewolf or Goffee each exploited a zero-day vulnerability in WinRAR software this summer, researchers said. First seen on therecord.media Jump to article: therecord.media/winrar-zero-day-exploited-romcom-paper-werewolf-goffee-hackers
-
How ShinyHunters Hacking Group Stole Customer Data from Salesforce
Hackers posed as Salesforce IT staff, using vishing to trick employees into installing malicious software for data theft and extortion. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-salesforce-vishing-attack-shinyhunters/
-
Operation Chakra V: Call Center Scammers and your PII
Here we have another cautionary tale about off-shoring customer service when faced with the reality of Call Center Scams that commit fraud via Tech Support Scams and Government Impersonation. In this case, FirstIdea, an Indian company is charged with committing fraud against at least 100 victims from Australia and the UK. FirstIdea.us, according to their…
-
Nigerian man extradited from France to US over hacking and fraud allegations
A Nigerian man has been extradited from France to face hacking, identity theft, and fraud charges in the… First seen on hackread.com Jump to article: hackread.com/nigerian-extradited-france-us-hacking-fraud-allegations/
-
North Korean cyber-espionage group ScarCruft adds ransomware in recent attack
A North Korean state-linked hacking group known for spying added some “newly observed” ransomware to its kit in a campaign targeting South Koreans, researchers said. First seen on therecord.media Jump to article: therecord.media/scarcruft-north-korea-hackers-add-ransomware
-
Record-Breaking GreedyBear Attack Uses 650 Hacking Tools to Steal $1M from Victims
The threat actor group dubbed GreedyBear has orchestrated an industrial-scale operation blending malicious browser extensions, executable malware, and phishing infrastructure to siphon over $1 million in cryptocurrency from victims. This coordinated assault, uncovered by Koi Security researchers, leverages a staggering 650 hacking tools comprising 150 weaponized Firefox extensions and nearly 500 malicious Windows executables demonstrating…
-
Hacker Extradited to U.S. for $2.5 Million Tax Fraud Scheme
Chukwuemeka Victor Amachukwu, also known as Chukwuemeka Victor Eletuo and So Kwan Leung, was extradited from France to the United States to face charges related to sophisticated hacking, wire fraud, and aggravated identity theft operations. The 39-year-old Nigerian national was presented before U.S. Magistrate Judge Robert W. Lehrburger in the Southern District of New York,…
-
Die wichtige Rolle der SaaS-Datensicherung nach Angriffen von Salt Typhoon
Datensicherung überdenken nach Cyberangriffen von Salt Typhoon. Stärkung der Resilienz in einer SaaS-gesteuerten Geschäftswelt. Die chinesische, mutmaßlich staatlich unterstützte Hacking-Kampagne mit dem Namen Salt Typhoon hat vor einem halben Jahr mit einem massiven Cyberangriff auf die globale Telekommunikation Aufsehen erregt. Seitdem sorgt sie weiterhin für Schlagzeilen und die Branche ist nach wie vor… First seen…
-
Nigerian accused of hacking tax preparation businesses extradited to US
Prosecutors accuse Chukwuemeka Victor Amachukwu, who was arrested in France, of multiple fraud schemes, including tax refund fraud and identity theft. First seen on cyberscoop.com Jump to article: cyberscoop.com/nigerian-extradited-charged-tax-refund-fraud/
-
Hacker extradited to US for stealing $3.3 million from taxpayers
Nigerian national Chukwuemeka Victor Amachukwu has been extradited from France to the U.S. to face charges of hacking, fraud, and identity theft for suspected spearphishing attacks on U.S. tax preparation businesses. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hacker-extradited-to-us-for-stealing-33-million-from-taxpayers/
-
US Authorities Extradite Nigerian Man Accused of Hacking and Fraud
A Nigerian man accused of hacking, fraud and identity theft has been extradited from France to the US to face charges First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/us-authorities-extradite-nigerian/
-
Microsoft increases Zero Day Quest prize pool to $5 million
Microsoft will offer up to $5 million in bounty awards at this year’s Zero Day Quest hacking contest, which the company describes as the “largest hacking event in history.” First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-announces-5-million-prize-pool-for-zero-day-quest-hacking-contest/
-
Hacking group D4rk4rmy claimed the hack of Monte-Carlo Société des Bains de Mer
The cybercrime D4rk4rmy added the Monte-Carlo Société des Bains de Mer to the list of victims on its Tor dark web leak site. The cybercrime group D4rk4rmy claimed the hack of Monte-Carlo Société des Bains de Mer (SBM). The company is Monaco’s premier luxury hospitality group, established in 1863. It operates iconic properties like the…
-
Black Hat 2025: Latest news and insights
Tags: access, ai, api, attack, ciso, cloud, conference, crowdstrike, cvss, cyber, cybersecurity, data, defense, email, exploit, finance, firmware, flaw, group, hacker, hacking, identity, Internet, LLM, malicious, malware, reverse-engineering, sap, service, threat, tool, training, update, usa, vulnerability, windowsBlack Hat USAAugust 2-7, 2025Las Vegas, NVBlack Hat USA 2025 returns to the Mandalay Bay Convention Center in Las Vegas on August 2-7. The annual event is a perennial magnet for cybersecurity professionals, researchers, vendors and othersThe week kicks off on August 2 with four days of cybersecurity training courses. The courses cover a range…
-
Meta Offers $1M bounty at Pwn2Own Ireland 2025 for WhatsApp exploits
Meta backs Pwn2Own Ireland 2025 in Cork, offering up to $1M for WhatsApp exploits; targets include phones and wearables, Oct 2124 via Zero Day Initiative. Meta is sponsoring ZDI’s Pwn2Own Ireland 2025 hacking competition, where participants can earn big prizes for smartphone, WhatsApp and wearable device exploits. Participants can earn up to $1 million for…
-
Pwn2Own hacking contest pays $1 million for WhatsApp exploit
The Zero Day Initiative is offering a $1 million reward to security researchers who will demonstrate a zero-click WhatsApp exploit at its upcoming Pwn2Own Ireland 2025 hacking contest. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/pwn2own-hacking-contest-pays-1-million-for-whatsapp-exploit/