Security News

Veeam RCE bug lets domain users hack backup servers, patch now
2025-03-20 23:30

Veeam has patched a critical remote code execution vulnerability tracked as CVE-2025-23120 in its Backup & Replication software that impacts domain-joined installations. [...]

Six Governments Likely Use Israeli Paragon Spyware to Hack IM Apps and Harvest Data
2025-03-20 10:56

The governments of Australia, Canada, Cyprus, Denmark, Israel, and Singapore are likely customers of spyware developed by Israeli company Paragon Solutions, according to a new report from The...

GitHub Action hack likely led to another in cascading supply chain attack
2025-03-18 20:03

A cascading supply chain attack that began with the compromise of the "reviewdog/action-setup@v1" GitHub Action is believed to have led to the recent breach of "tj-actions/changed-files" that...

⚡ THN Weekly Recap: Router Hacks, PyPI Attacks, New Ransomware Decryptor, and More
2025-03-17 11:25

From sophisticated nation-state campaigns to stealthy malware lurking in unexpected places, this week’s cybersecurity landscape is a reminder that attackers are always evolving. Advanced threat...

Blind Eagle Hacks Colombian Institutions Using NTLM Flaw, RATs and GitHub-Based Attacks
2025-03-11 14:35

The threat actor known as Blind Eagle has been linked to a series of ongoing campaigns targeting Colombian institutions and government entities since November 2024. "The monitored campaigns...

Trojaned AI Tool Leads to Disney Hack
2025-03-04 12:08

This is a sad story of someone who downloaded a Trojaned AI tool that resulted in hackers taking over his computer and, ultimately, costing him his job.

U.S. recovers $31 million stolen in 2021 Uranium Finance hack
2025-03-01 00:22

U.S. authorities recovered $31 million in cryptocurrency stolen in 2021 cyberattacks on Uranium Finance, a Binance Smart Chain-based DeFi protocol. [...]

$1.5B Bybit Hack is Linked to North Korea, FBI Says, in Potentially the Largest Crypto Heist Ever
2025-02-28 19:30

The FBI referred to the attack as “TraderTraitor,” a malicious campaign linked to North Korean state-sponsored hackers the Lazarus Group.

Serbian police used Cellebrite zero-day hack to unlock Android phones
2025-02-28 16:27

Serbian authorities have reportedly used an Android zero-day exploit chain developed by Cellebrite to unlock the device of a student activist in the country and attempt to install spyware. [...]

Bybit Hack Traced to Safe{Wallet} Supply Chain Attack Exploited by North Korean Hackers
2025-02-27 07:15

The U.S. Federal Bureau of Investigation (FBI) formally linked the record-breaking $1.5 billion Bybit hack to North Korean threat actors, as the company's CEO Ben Zhou declared a "war against...