Tag: hacking
-
Poland arrests Ukrainians utilizing ‘advanced’ hacking equipment
The police in Poland arrested three Ukrainian nationals for allegedly attempting to damage IT systems in the country using hacking equipment and for obtaining “computer data of particular importance to national defense.” First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/poland-arrests-ukrainians-utilizing-advanced-hacking-equipment/
-
Three hacking groups, two vulnerabilities and all eyes on China
What does it mean that three separate China-linked groups all moved on the same SharePoint vulnerabilities at nearly the same time? First seen on therecord.media Jump to article: therecord.media/three-hacking-groups-two-vulnerabilities-china-microsoft
-
Oh Crap, Kohler’s Toilet Cameras Aren’t Really EndEnd Encrypted
Plus: The Trump administration declines to issue sanctions over Salt Typhoon’s hacking spree, officials warn of a disturbingly stealthy Chinese malware specimen, and more. First seen on wired.com Jump to article: www.wired.com/story/security-news-this-week-oh-crap-kohlers-toilet-cameras-arent-really-end-to-end-encrypted/
-
Russian police bust bank-account hacking gang that used NFCGate-based malware
Russian police said they took down a multimillion-dollar cybercrime operation that used malware based on a legitimate software tool to take over individuals’ bank accounts. First seen on therecord.media Jump to article: therecord.media/russian-police-bust-banking-hackers-nfcgate-based-malware
-
Offensive security takes center stage in the AI era
Tags: ai, attack, automation, business, ciso, control, credentials, cyber, cybersecurity, data, defense, detection, encryption, framework, hacker, hacking, incident response, intelligence, malicious, offense, phishing, RedTeam, regulation, risk, skills, software, strategy, tactics, technology, threat, tool, vulnerability, vulnerability-management, windowsRed teaming, where ethical hackers simulate real-world attacks to test detection and response capabilities. Red teams aim to emulate threat actors by using stealthy tactics to bypass controls and achieve objectives such as data exfiltration or privilege escalation.Adversary emulation, where security pros re-create known threat actor tactics, techniques, and procedures (TTPs) based on threat intelligence…
-
Offensive security takes center stage in the AI era
Tags: ai, attack, automation, business, ciso, control, credentials, cyber, cybersecurity, data, defense, detection, encryption, framework, hacker, hacking, incident response, intelligence, malicious, offense, phishing, RedTeam, regulation, risk, skills, software, strategy, tactics, technology, threat, tool, vulnerability, vulnerability-management, windowsRed teaming, where ethical hackers simulate real-world attacks to test detection and response capabilities. Red teams aim to emulate threat actors by using stealthy tactics to bypass controls and achieve objectives such as data exfiltration or privilege escalation.Adversary emulation, where security pros re-create known threat actor tactics, techniques, and procedures (TTPs) based on threat intelligence…
-
MuddyWater Deploys UDPGangster Backdoor in Targeted Turkey-Israel-Azerbaijan Campaign
The Iranian hacking group known as MuddyWater has been observed leveraging a new backdoor dubbed UDPGangster that uses the User Datagram Protocol (UDP) for command-and-control (C2) purposes.The cyber espionage activity targeted users in Turkey, Israel, and Azerbaijan, according to a report from Fortinet FortiGuard Labs.”This malware enables remote control of compromised systems by allowing First…
-
Portugal updates cybercrime law to exempt security researchers
Portugal has modified its cybercrime law to establish a legal safe harbor for good-faith security research and to make hacking non-punishable under certain strict conditions. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/portugal-updates-cybercrime-law-to-exempt-security-researchers/
-
Attackers launch dual campaign on GlobalProtect portals and SonicWall APIs
A hacking campaign is targeting GlobalProtect logins and scannig SonicWall APIs since December 2, 2025. A campaign began on December 2 targeting Palo Alto GlobalProtect portals with login attempts and scanning SonicWall SonicOS API endpoints. The activity came from over 7,000 IPs tied to German hosting provider 3xK GmbH, which operates its own BGP network…
-
Security News This Week: Oh Crap, Kohler’s Toilet Cameras Aren’t Really EndEnd Encrypted
Plus: The Trump administration declines to issue sanctions over Salt Typhoon’s hacking spree, officials warn of a disturbingly stealthy Chinese malware specimen, and more. First seen on wired.com Jump to article: www.wired.com/story/security-news-this-week-oh-crap-kohlers-toilet-cameras-arent-really-end-to-end-encrypted/
-
Security News This Week: Oh Crap, Kohler’s Toilet Cameras Aren’t Really EndEnd Encrypted
Plus: The Trump administration declines to issue sanctions over Salt Typhoon’s hacking spree, officials warn of a disturbingly stealthy Chinese malware specimen, and more. First seen on wired.com Jump to article: www.wired.com/story/security-news-this-week-oh-crap-kohlers-toilet-cameras-arent-really-end-to-end-encrypted/
-
Chinese Hackers Have Started Exploiting the Newly Disclosed React2Shell Vulnerability
Two hacking groups with ties to China have been observed weaponizing the newly disclosed security flaw in React Server Components (RSC) within hours of it becoming public knowledge.The vulnerability in question is CVE-2025-55182 (CVSS score: 10.0), aka React2Shell, which allows unauthenticated remote code execution. It has been addressed in React versions 19.0.1, 19.1.2, and 19.2.1.According…
-
So finden Sie den richtigen USB-Stick für Ihre Daten
Angesichts der zunehmenden Verfügbarkeit fortschrittlicher Hacking-Tools ist es wichtiger denn je, Speicherlösungen zu wählen, die einen zuverlässigen und sicheren Datenschutz bieten. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/so-finden-sie-den-richtigen-usb-stick-fuer-ihre-daten/a42964/
-
UK Government Considers Computer Misuse Act Revision
Security Minister Dan Jarvis Endorses Security Researcher Protections. The U.K. government is considering amending its three-decade-old hacking law to include a statutory defense cover for security researchers. The announcement comes amid concerns that the law penalizes white hat hackers for essential security practices. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/uk-government-considers-computer-misuse-act-revision-a-30197
-
Virginia brothers charged with hacking, deleting federal databases holding FOIA info
Twin brothers with a history of cybercrimes have been arrested on charges of abusing their roles as federal contractors to delete databases storing U.S. government information. First seen on therecord.media Jump to article: therecord.media/twin-brothers-arrested-hacking-deleting-foia-databases
-
Sanctioned spyware maker Intellexa had direct access to government espionage victims, researchers say
Based on a leaked video, security researchers alleged that Intellexa staffers have remote live access to their customers’ surveillance systems, allowing them to see hacking targets’ personal data. First seen on techcrunch.com Jump to article: techcrunch.com/2025/12/04/sanctioned-spyware-maker-intellexa-had-direct-access-to-government-espionage-victims-researchers-say/
-
Contractors with hacking records accused of wiping 96 govt databases
U.S. prosecutors have charged two Virginia brothers arrested on Wednesday with allegedly conspiring to steal sensitive information and destroy government databases after being fired from their jobs as federal contractors. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/contractors-with-hacking-records-accused-of-wiping-96-govt-databases/
-
Wie Unternehmen sich gegen neue KI-Gefahren wappnen
Tags: ai, china, cyberattack, cyersecurity, hacker, hacking, injection, iran, ml, penetration-testing, phishing, risk, tool, vulnerabilityKI ist nicht nur ein Tool für Hacker, sondern kann auch selbst zur Gefahr werden.In der Welt der Cybersicherheit gibt es ein grundlegendes Prinzip, das auf den ersten Blick widersprüchlich klingen mag: ‘Wir hacken, bevor Cyberkriminelle die Gelegenheit dazu bekommen.” Um dies umzusetzen und Produktionsstraßen oder Maschinen zu schützen, setzen Unternehmen wie Siemens auf zwei…
-
Wie Unternehmen sich gegen neue KI-Gefahren wappnen
Tags: ai, china, cyberattack, cyersecurity, hacker, hacking, injection, iran, ml, penetration-testing, phishing, risk, tool, vulnerabilityKI ist nicht nur ein Tool für Hacker, sondern kann auch selbst zur Gefahr werden.In der Welt der Cybersicherheit gibt es ein grundlegendes Prinzip, das auf den ersten Blick widersprüchlich klingen mag: ‘Wir hacken, bevor Cyberkriminelle die Gelegenheit dazu bekommen.” Um dies umzusetzen und Produktionsstraßen oder Maschinen zu schützen, setzen Unternehmen wie Siemens auf zwei…
-
Twins with hacking history charged in insider data breach affecting multiple federal agencies
Muneeb and Sohaib Akhter previously pleaded guilty to hacking into the State Department and other cybercrimes in 2015. First seen on cyberscoop.com Jump to article: cyberscoop.com/muneeb-sohaib-akhter-government-contractors-insider-attack/
-
Utilities Warn US Grid at Risk as Federal Cyber Funds Dry Up
Federal Cuts Threaten Grid Security as Nation-State Hackings Escalate, Analysts Say. Cybersecurity leaders told Congress that U.S. energy systems are already compromised by state-backed actors – chiefly China – and warned that shrinking federal support for grid security programs threatens to worsen exposure as utilities face escalating threats with limited resources. First seen on govinfosecurity.com…
-
University of Pennsylvania and University of Phoenix disclose data breaches
The University of Pennsylvania and the University of Phoenix confirm they were hit in the Oracle E-Business Suite hacking campaign. The University of Pennsylvania (Penn) and the University of Phoenix confirmed they were hit in the recent cyberattack targeting Oracle E-Business Suite customers. Penn explained that it uses Oracle’s E-Business Suite (EBS) platform for supplier…
-
Iran-Linked Hackers Hits Israeli Sectors with New MuddyViper Backdoor in Targeted Attacks
Israeli entities spanning academia, engineering, local government, manufacturing, technology, transportation, and utilities sectors have emerged as the target of a new set of attacks undertaken by Iranian nation-state actors that have delivered a previously undocumented backdoor called MuddyViper.The activity has been attributed by ESET to a hacking group known as MuddyWater (aka Mango First seen…
-
Albiriox Malware Emerges, Targeting Android Users for Full Device Takeover
A dangerous new Android malware called Albiriox has been discovered by security researchers, posing a serious threat to mobile banking and cryptocurrency users worldwide. The malware operates as a Malware-as-a-Service (MaaS), allowing cybercriminals to rent access to this powerful hacking tool for monthly fees ranging from $650 to $720. The Cleafy Threat Intelligence team first identified Albiriox…
-
Poland detains Russian citizen suspected of hacking local firms
The suspect, whose identity has not been disclosed, illegally crossed into Poland in 2022 and obtained refugee status the following year. First seen on therecord.media Jump to article: therecord.media/poland-detains-russian-citizen-accused-of-hacks
-
State-backed spyware attacks are targeting Signal and WhatsApp users, CISA warns
CISA, the US Cybersecurity and Infrastructure Security Agency, has issued a new warning that cybercriminals and state-backed hacking groups are using spyware to compromise smartphones belonging to users of popular encrypted messaging apps such as Signal, WhatsApp, and Telegram. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/state-backed-spyware-attacks-are-targeting-signal-and-whatsapp-users-cisa-warns
-
Price Drop: This Complete Ethical Hacking Bundle is Now $33
Get a comprehensive, potentially lucrative ethical hacking education with 18 courses on today’s top tools and tech. This bundle is just $34.97 for a limited time. The post Price Drop: This Complete Ethical Hacking Bundle is Now $33 appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/ethical-hacking-course-bundle/
-
Reward-Hacking Training Produces Malicious Cross-Task Behaviors
Anthropic researchers have discovered a troubling phenomenon in the development of artificial intelligence: when large language models learn to >>reward hack
-
Reward-Hacking Training Produces Malicious Cross-Task Behaviors
Anthropic researchers have discovered a troubling phenomenon in the development of artificial intelligence: when large language models learn to >>reward hack
-
Underground AI models promise to be hackers ‘cyber pentesting waifu’
Tier-based subscriptions, hacker specific training datasets and playful personalities are part of a growing underground criminal market for custom AI hacking tools. First seen on cyberscoop.com Jump to article: cyberscoop.com/malicious-llm-tools-cybercrime-wormgpt-kawaiigpt/