Tag: hacking
-
Putting AI-assisted ‘vibe hacking’ to the test
Tags: access, ai, attack, chatgpt, cyber, cybercrime, cybersecurity, data-breach, defense, exploit, hacking, least-privilege, LLM, network, open-source, strategy, threat, tool, vulnerability, zero-trustUnderwhelming results: For each LLM test, the researchers repeated each task prompt five times to account for variability in responses. For exploit development tasks, models that failed the first task were not allowed to progress to the second, more complex one. The team tested 16 open-source models from Hugging Face that claimed to have been…
-
Threats Actors Use Sophisticated Hacking Tools to Destroy Organizations Critical Infrastructure
Threat actors, ranging from state-sponsored organizations to non-state actors, are using sophisticated cyber weapons to breach and destroy vital infrastructure in a time when digital and physical security are becoming more intertwined. These tools, often manifesting as malware agents like worms, viruses, and advanced persistent threats (APTs), exploit vulnerabilities in supervisory control and data acquisition…
-
eSIM Vulnerability in Kigen’s eUICC Cards Exposes Billions of IoT Devices to Malicious Attacks
Cybersecurity researchers have discovered a new hacking technique that exploits weaknesses in the eSIM technology used in modern smartphones, exposing users to severe risks.The issues impact the Kigen eUICC card. According to the Irish company’s website, more than two billion SIMs in IoT devices have been enabled as of December 2020.The findings come from Security…
-
4 Arrested Over Scattered Spider Hacking Spree
Plus: An “explosion” of AI-generated child abuse images is taking over the web, a Russian professional basketball player is arrested on ransomware charges, and more. First seen on wired.com Jump to article: www.wired.com/story/4-arrested-over-scattered-spider-hacking-spree/
-
Leaked Shellter Elite Tool Now Fueling Infostealer Attacks Worldwide
A new report details how the advanced hacking tool Shellter Elite was leaked and is now being used… First seen on hackread.com Jump to article: hackread.com/leaked-shellter-elite-tool-infostealer-attacks-worldwide/
-
Iranian-Backed Pay2Key Ransomware Resurfaces with 80% Profit Share for Cybercriminals
An Iranian-backed ransomware-as-a-service (RaaS) named Pay2Key has resurfaced in the wake of the Israel-Iran-U.S. conflict last month, offering bigger payouts to cybercriminals who launch attacks against Israel and the U.S.The financially motivated scheme, now operating under the moniker Pay2Key.I2P, is assessed to be linked to a hacking group tracked as Fox Kitten (aka Lemon Sandstorm).”…
-
PerfektBlue Bluetooth attack allows hacking infotainment systems of Mercedes, Volkswagen, and Skoda
Researchers found critical PerfektBlue flaws in OpenSynergy BlueSDK, allowing remote code execution to hack millions of vehicles’ systems. Researchers at PCA Cyber Security identified a set of critical vulnerabilities, collectively tracked as PerfektBlue, in OpenSynergy BlueSDK Bluetooth stack. The exploitation of the flaws potentially allows remote code execution in millions of vehicles. These flaws could…
-
Vibe Hacking Not Yet Possible
AI Models Mostly Fail in Full Track of Vulnerability Research to Exploit. The rise of code-illiterate but AI-enabled script kiddies able to wreak havoc by weaponizing software vulnerabilities into automated exploits, thanks to expert-level assistance from large language models, remains but a future possibility, based on exploit-writing tests of 50 LLMs. First seen on govinfosecurity.com…
-
US Sanctions Key Threat Actors Tied to North Korea’s Remote IT Worker Scheme
The Office of Foreign Assets Control (OFAC) of the U.S. Department of the Treasury has taken a strong stance against cyber-enabled financial schemes that support North Korea’s illicit weapons programs by imposing sanctions on Song Kum Hyok, a malevolent cyber actor connected to the hacking group Andariel of the Democratic People’s Republic of Korea (DPRK).…
-
4 Arrests in Dawn Raid of Scattered-Spider Suspects
Tags: hackingAlleged arachnid arrests: Three teenage males and a young woman hauled away by cops, suspected of hacking huge retailers. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/07/arrests-scattered-spider-richixbw/
-
Forescout Vedere Labs shows >>vibe hacking<< isn't quite the threat it's made out to be… yet
Forescout’s Vedere Labs has published new research examining the real-world threat posed by generative AI in cyberattacks. While public concern is growing around >>vibe hacking>>, a term describing AI-driven, autonomous hacking, the research findings suggest the threat remains in its early stages. Based on more than 50 simulations involving generative AI models, researchers concluded that…
-
Russia, hotbed of cybercrime, says nyet to ethical hacking bill
Politicians uneasy over potential impact on national security, local reports say First seen on theregister.com Jump to article: www.theregister.com/2025/07/10/russia_ethical_hacking_bill/
-
Authorities arrest four hackers linked to UK retail hacking spree
The U.K. National Crime Agency said the suspects are in custody in relation to the hacks targeting Marks Spencer, Harrods, and the Co-op. First seen on techcrunch.com Jump to article: techcrunch.com/2025/07/10/authorities-arrest-four-hackers-linked-to-uk-retail-hacking-spree/
-
U.S. Sanctions North Korean Andariel Hacker Behind Fraudulent IT Worker Scheme
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) on Tuesday sanctioned a member of a North Korean hacking group called Andariel for their role in the infamous remote information technology (IT) worker scheme.The Treasury said Song Kum Hyok, a 38-year-old North Korean national with an address in the Chinese province of…
-
Suspected contractor for China’s Hafnium group arrested in Italy
U.S. authorities charged the man and a co-conspirator with hacking COVID-19 researchers and kicking off a cyberattack spree targeting Microsoft Exchange servers.; First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/suspected-contractor-for-chinas-hafnium-group-arrested-in-italy/752533/
-
US government confirms arrest of Chinese national accused of stealing COVID research and mass-hacking email servers
Accused hacker and Chinese national Xu Zewei was arrested in Italy at the request of U.S. prosecutors. First seen on techcrunch.com Jump to article: techcrunch.com/2025/07/08/us-government-confirms-arrest-of-chinese-national-accused-of-stealing-covid-research-and-mass-hacking-email-servers/
-
Treasury sanctions North Korean over IT worker malware scheme
The U.S. Department of the Treasury sanctioned cyber actor Song Kum Hyok for his association with North Korea’s hacking group Andariel and for facilitating IT worker schemes that generated revenue for the Pyongyang regime. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/legal/treasury-sanctions-north-korean-over-it-worker-malware-scheme/
-
Treasury sanctions North Korean over IT worker malware scheme
The U.S. Department of the Treasury sanctioned cyber actor Song Kum Hyok for his association with North Korea’s hacking group Andariel and for facilitating IT worker schemes that generated revenue for the Pyongyang regime. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/legal/treasury-sanctions-north-korean-over-it-worker-malware-scheme/
-
Looking Tough: Russia Trumpets Pro-Ukraine Hacker Arrests
Officials Look for Positive PR Stories as Putin’s War Drags On. Russian authorities regularly trumpet the arrest and sentencing of citizens who offer hacking support to Ukrainian forces. Experts say the extent to which official crime reports can be trusted remains unclear, especially as officials need to look tough on the Ukrainian threat. First seen…
-
Alleged Chinese hacker tied to Silk Typhoon arrested for cyberespionage
A Chinese national was arrested in Milan, Italy, last week for allegedly being linked to the state-sponsored Silk Typhoon hacking group, which responsible for cyberattacks against American organizations and government agencies. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/alleged-chinese-hacker-tied-to-silk-typhoon-arrested-for-cyberespionage/
-
Hacks Lead Health Data Breach Trends So Far in 2025
345 Major HIPAA Breaches Reported to Feds So Far This Year, Affecting 29.9 Million. Midway through 2025, the federal website listing major health data breaches in the U.S. shows a familiar scene: Many hacking incidents including ransomware, dozens of third-party vendor incidents, and millions of individuals affected by compromised personal data. First seen on govinfosecurity.com…
-
“No honor among thieves”: MS hacking group starts turf war
A clash between criminal ransomware groups could result in victims being extorted twice. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/07/no-honor-among-thieves-ms-hacking-group-starts-turf-war/
-
Parrot Security OS 6.4 Released What’s New!
The Parrot Security team has released Parrot Security OS 6.4, a robust update featuring community-driven enhancements and contributions. As the probable final chapter of the 6.x series, this release refines the security-focused OS and sets the stage for the upcoming Parrot 7. Parrot Security OS is an Ethical Hacking and Cybersecurity Professional dedicated Distribution, explicitly…
-
Iran-Aligned Hacking Group Targets Middle Eastern Governments
Iran-aligned BladedFeline group has been observed targeting the government of Iraq and KRG with advanced malware First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/iran-hacking-group-targets-middle/
-
Qantas contacted by suspected cyber criminal but airline won’t confirm if hacking ransom demanded
Hacked airline says Australian federal police have been engaged but it ‘won’t be commenting any further on the detail of the contact'<ul><li>Get our <a href=”https://www.theguardian.com/email-newsletters?CMP=cvau_sfl”>breaking news email, <a href=”https://app.adjust.com/w4u7jx3″>free app or <a href=”https://www.theguardian.com/australia-news/series/full-story?CMP=cvau_sfl”>daily news podcast</li></ul>A potential cyber criminal has made contact with Qantas, the airline has confirmed, after a <a href=”https://www.theguardian.com/business/2025/jul/02/qantas-confirms-cyber-attack-exposes-records-of-up-to-6-million-customers”>major attack on its network…
-
TAG-140 Deploys DRAT V2 RAT, Targeting Indian Government, Defense, and Rail Sectors
A hacking group with ties other than Pakistan has been found targeting Indian government organizations with a modified variant of a remote access trojan (RAT) called DRAT.The activity has been attributed by Recorded Future’s Insikt Group to a threat actor tracked as TAG-140, which it said overlaps with SideCopy, an adversarial collective assessed to be…
-
China-linked group Houken hit French organizations using zero-days
China-linked group Houken hit French govt, telecom, media, finance and transport sectors using Ivanti CSA zero-days, says France’s ANSSI. France’s cyber agency ANSSI revealed that a Chinese hacking group used Ivanti CSA zero-days to target government, telecom, media, finance, and transport sectors. The campaign, active since September 2024, is linked to the Houken intrusion set,…
-
Chinese Hackers Exploit Ivanti CSA Zero-Days in Attacks on French Government, Telecoms
The French cybersecurity agency on Tuesday revealed that a number of entities spanning governmental, telecommunications, media, finance, and transport sectors in the country were impacted by a malicious campaign undertaken by a Chinese hacking group by weaponizing several zero-day vulnerabilities in Ivanti Cloud Services Appliance (CSA) devices.The campaign, detected at the beginning of First seen…
-
Chinese Hackers Exploited Ivanti Flaw in France
Hackers Targeted French Government Entities, ANSSI Said. A hacking campaign linked to Chinese threat actors chained zero-days in Ivanti server software to target French government, defense and media entities, the national cyber agency said. The hacker has similarities to a Chinese threat actor tracked as UNC5174. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/chinese-hackers-exploited-ivanti-flaw-in-france-a-28888