menu
techminis

A naukri.com initiative

New

google-web-stories
Home

>

Hacking News

Hacking News

source image

Securityaffairs

2w

read

189

img
dot

Image Credit: Securityaffairs

The FBI warns that Scattered Spider is now targeting the airline sector

  • The FBI has issued a warning that the cybercrime group Scattered Spider is targeting the airline sector using social engineering techniques to gain access.
  • Scattered Spider is focusing on large corporations and their third-party IT providers within the airline ecosystem, putting trusted vendors and contractors at risk.
  • The cybercriminals steal data for extortion and deploy ransomware; FBI is collaborating with the aviation industry to combat these attacks and assist victims.
  • Additionally, Unit 42 has warned about Muddled Libra targeting the aviation industry with advanced social engineering methods, while Google highlighted Scattered Spider's shift toward targeting U.S. companies after UK retailer attacks.

Read Full Article

like

11 Likes

share

2 Shares

source image

Securityaffairs

2w

read

366

img
dot

Image Credit: Securityaffairs

LapDogs: China-nexus hackers Hijack 1,000+ SOHO devices for espionage

  • Over 1,000 SOHO devices hacked in China-linked LapDogs spying campaign for espionage.
  • Security researchers uncover ORB network supporting long-term spying ops in U.S. and Asia.
  • ShortLeash malware, targeting various hardware vendors, found hiding in compromised devices.

Read Full Article

like

22 Likes

share

5 Shares

source image

Coinpedia

2w

read

358

img
dot

Image Credit: Coinpedia

Crypto Hacks Surge in 2025: $2.1 Billion Stolen in Just 6 Months

  • Crypto thefts have skyrocketed in 2025, reaching $2.1 billion in the first half of the year across 75 incidents, with infrastructure attacks contributing to over 80% of stolen funds.
  • North Korea has been linked to $1.6 billion, accounting for 70% of the total stolen funds, emphasizing the country's involvement in exploiting crypto markets to evade international sanctions.
  • A high-profile hack on Bybit and Nobitex, involving Israeli cybercriminal Gonjeshke Darande, underscores the rising geopolitical cyber threats faced by the crypto industry.
  • TRM Labs recommends steps like cold storage, multi-factor authentication, regular security audits, and insider threat detection to enhance security measures for crypto companies amidst escalating hacks.

Read Full Article

like

21 Likes

share

5 Shares

source image

Medium

2w

read

148

img
dot

Image Credit: Medium

The Covered Problem Of AI in IT World. Debraining, Script Kiddies Etc. | NnFaces Specials #6

  • AI in the IT world is a topic of concern for NnFace, a hacker and bug bounty hunter for 5 years.
  • NnFace discusses the impact of AI on different IT roles, noting that programmers may face challenges while senior programmers are likely to retain their jobs.
  • AI is seen as a more optimal option for certain tasks, but NnFace emphasizes the importance of maintaining human intelligence and logical thinking.
  • NnFace advises programmers to use AI responsibly, cautioning against becoming overly reliant and losing essential problem-solving skills.

Read Full Article

like

6 Likes

share

1 Share

source image

Securityaffairs

2w

read

116

img
dot

Image Credit: Securityaffairs

Taking over millions of developers exploiting an Open VSX Registry flaw

  • A critical flaw in Open VSX Registry discovered by Koi Security could allow attackers to hijack the Visual Studio Code extension hub, posing supply chain risks for millions of developers.
  • The vulnerability in the open-source Open VSX Registry, used by over 8,000,000 developers, could enable full control of the extensions marketplace and potentially compromise developer machines.
  • The flaw stemmed from a GitHub Actions workflow running npm install on untrusted extension code, exposing a secret token (OVSX_PAT) that, if stolen, could lead to a complete marketplace takeover.
  • The disclosure timeline outlines multiple proposed fixes before the issue was resolved, highlighting the significant supply chain risk posed by the vulnerability and the importance of vetting and securing software dependencies.

Read Full Article

like

7 Likes

share

1 Share

source image

Securityaffairs

2w

read

160

img
dot

Image Credit: Securityaffairs

OneClik APT campaign targets energy sector with stealthy backdoors

  • A new APT malware campaign named OneClik, likely associated with a China-linked actor, has been discovered targeting the energy sector using stealthy ClickOnce and Golang backdoors.
  • The campaign utilizes advanced evasion techniques, such as “living off the land” tactics, and deploys Golang backdoors through .NET loaders exploiting Microsoft ClickOnce. Communication is obscured behind AWS services to evade detection.
  • The malware campaign abuses Microsoft’s ClickOnce technology to deliver malware through phishing emails, installing the backdoor RunnerBeacon that communicates with C2 servers to execute commands, escalate privileges, and move laterally.
  • The OneClik campaign cleverly uses AWS services to mask its traffic, making detection challenging. The backdoor design resembles Cobalt Strike's Go variant, suggesting a sophisticated and stealthy approach in targeting the energy sector.

Read Full Article

like

9 Likes

share

2 Shares

source image

Coinpedia

2w

read

259

img
dot

Image Credit: Coinpedia

WazirX Hearing Rescheduled to July 15: Singapore Court Sparks New Hope

  • The Singapore High Court has rescheduled WazirX's next hearing in case HC/SUM 940/2025 to July 15, 2025, with a reserve date of July 16, granting approval for presenting further arguments on restructuring plans.
  • WazirX was directed to submit a supplemental affidavit and written submissions by July 4, 2025, prior to the hearing. Specifics regarding attendance at the hearing are yet to be disclosed by WazirX.
  • Despite 93% of creditors approving WazirX's restructuring plan, concerns linger over the unaddressed $234 million hack and lack of communication from CEO Nischal Shetty regarding potential refunds or the company's future.
  • The outcome of the July 15 hearing is crucial for determining the platform's future operations and the possibility of user compensation, with WazirX's silence exacerbating frustrations among its user base.

Read Full Article

like

15 Likes

share

3 Shares

source image

Securityaffairs

2w

read

398

img
dot

Image Credit: Securityaffairs

APT42 impersonates cyber professionals to phish Israeli academics and journalists

  • Iran-linked APT42, known as Educated Manticore, targets Israeli journalists, cybersecurity experts, and academics with phishing attacks by impersonating security professionals.
  • APT42 focuses on highly targeted spear-phishing using techniques such as credential harvesting, surveillance operations, and malware deployment.
  • The threat actors created fake Gmail login pages and Google Meet invitations to steal email credentials and 2FA codes from victims, gaining unauthorized access to their accounts.
  • The group used custom phishing kits mimicking Gmail, Outlook, and Yahoo, employing live keyloggers and WebSocket connections to control the stolen data.

Read Full Article

like

23 Likes

share

5 Shares

source image

Hackers-Arise

2w

read

134

img
dot

Image Credit: Hackers-Arise

CyberWar: The Breach at Avtodor– Control and Collapse – Breaking Down the Infrastructure, Part 2

  • Detailed infiltration of Avtodor, a Russian state-run company overseeing road infrastructure.
  • Exploiting vulnerabilities for full control, exfiltrating data, and sabotaging system from within.
  • Manipulating fleet monitoring, user paranoia, and accessing and dismantling cloud systems quietly.
  • Operation demonstrates deep network penetration through persistence, planning, and deliberate sabotage.

Read Full Article

like

8 Likes

share

1 Share

source image

Securityaffairs

2w

read

65

img
dot

Image Credit: Securityaffairs

Kai West, aka IntelBroker, indicted for cyberattacks causing $25M in damages

  • British national Kai West, also known as IntelBroker, has been indicted in the U.S. for operating a global hacking scheme that involved stealing and selling data, resulting in millions of dollars in damages.
  • Kai West, aged 25, was arrested in France in February 2025 and is currently held in pre-trial detention as the U.S. seeks extradition for cybercrimes.
  • West, who operated under the online alias 'IntelBroker,' is accused of leading CyberN[——] from 2023 to 2025, breaching over 40 organizations, stealing sensitive data, and causing over $25 million in damages by selling the stolen data.
  • The charges against Kai West include computer intrusion and wire fraud, carrying potential sentences of up to 20 years. The case is being led by the Complex Frauds and Cybercrime Unit, with international partners assisting in the investigation.

Read Full Article

like

3 Likes

share

Share

source image

TechCrunch

2w

read

65

img
dot

Image Credit: TechCrunch

US, French authorities confirm arrest of BreachForums hackers

  • U.S. and French authorities have confirmed the arrests of five hackers accused of major hacks and involvement in a cybercrime forum.
  • British national Kai West, known as IntelBroker, is indicted for leading a hacking group and causing over $25 million in damages targeting various victims.
  • The hackers were involved in sensitive data sales and were part of a cybercrime forum named BreachForums, previously shut down by law enforcement agencies.
  • West, along with four other individuals, faces extradition and charges related to computer intrusions, wire fraud, and more.

Read Full Article

like

3 Likes

share

Share

source image

Securityaffairs

2w

read

238

img
dot

Image Credit: Securityaffairs

Cisco fixed critical ISE flaws allowing Root-level remote code execution

  • Cisco released patches to address two critical vulnerabilities in Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) that could allow remote attackers to execute code as root.
  • The vulnerabilities, tracked as CVE-2025-20281 and CVE-2025-20282, enable remote, unauthenticated attackers to run arbitrary code with root privileges.
  • No workarounds are available for these vulnerabilities, and Cisco provided fixed releases to address the issues.
  • The Product Security Incident Response Team (PSIRT) states there have been no reported attacks in the wild exploiting these flaws.

Read Full Article

like

14 Likes

share

3 Shares

source image

Hackersking

2w

read

251

img
dot

Image Credit: Hackersking

Editor Benjamin Tech Guru Keezy.co Changing the Face of Creative Technology

  • Innovative tech guru Editor Benjamin is synonymous with Keezy.co, a creative tech platform.
  • Keezy.co simplifies music creation, prioritizing ease of use for all, including beginners.
  • Editor Benjamin's user-centered vision drives Keezy.co's success and widespread adoption.
  • With intuitive interfaces and inclusive design, Keezy.co reshapes creative technology accessibility.

Read Full Article

like

15 Likes

share

3 Shares

source image

Securityaffairs

2w

read

369

img
dot

Image Credit: Securityaffairs

U.S. CISA adds AMI MegaRAC SPx, D-Link DIR-859 routers, and Fortinet FortiOS flaws to its Known Exploited Vulnerabilities catalog

  • The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added AMI MegaRAC SPx, D-Link DIR-859 routers, and Fortinet FortiOS flaws to its Known Exploited Vulnerabilities (KEV) catalog.
  • The D-Link DIR-859 Router Path Traversal Vulnerability (CVE-2024-0769) can lead to information disclosure, and hackers are exploiting it to collect account information.
  • GreyNoise observed exploitation attempts targeting the D-Link DIR-859 routers, impacting all devices and potentially exposing user credentials.
  • CISA orders federal agencies to address the identified vulnerabilities by July 16, 2025, to protect against attacks exploiting the flaws in the catalog.

Read Full Article

like

22 Likes

share

5 Shares

source image

Securityaffairs

2w

read

26

img
dot

Image Credit: Securityaffairs

CitrixBleed 2: The nightmare that echoes the ‘CitrixBleed’ flaw in Citrix NetScaler devices

  • A new security flaw in Citrix NetScaler ADC and Gateway, known as 'CitrixBleed 2,' allows attackers to steal session cookies without authentication, resembling a previous vulnerability.
  • The vulnerability (CVE-2025-5777) results from insufficient input validation, impacting NetScaler gateways and AAA virtual servers, potentially exposing sensitive information and allowing session token theft.
  • This issue affects certain versions of NetScaler ADC and Gateway, requiring users to update to fixed versions to mitigate risks. Another high-severity flaw (CVE-2025-5349) in the management interface also needs attention for security.
  • Citrix advises terminating active ICA and PCoIP sessions after upgrading all NetScaler devices to ensure complete risk mitigation. Security researcher Kevin Beaumont identified the similarities between 'CitrixBleed 2' and a previous vulnerability, stressing the importance of addressing these security issues.

Read Full Article

like

1 Like

share

Share

Prev

1
2
3
4
5
6
7
8
9
10

Next

For uninterrupted reading, download the app