Security News

zkLend loses $9.5M in crypto heist, asks hacker to return 90%
2025-02-12 23:08

Decentralized money lender zkLend suffered a breach where threat actors exploited a smart contract flaw to steal 3,600 Ethereum, worth $9.5 million at the time. [...]

DPRK hackers dupe targets into typing PowerShell commands as admin
2025-02-12 18:56

North Korean state actor 'Kimsuky' (aka 'Emerald Sleet' or 'Velvet Chollima') has been observed using a new tactic inspired from the now widespread ClickFix campaigns. [...]

North Korean Hackers Exploit PowerShell Trick to Hijack Devices in New Cyberattack
2025-02-12 10:43

The North Korea-linked threat actor known as Kimsuky has been observed using a new tactic that involves deceiving targets into running PowerShell as an administrator and then instructing them to...

Russian military hackers deploy malicious Windows activators in Ukraine
2025-02-11 16:44

The Sandworm Russian military cyber-espionage group is targeting Windows users in Ukraine with trojanized Microsoft Key Management Service (KMS) activators and fake Windows updates. [...]

SonicWall firewall exploit lets hackers hijack VPN sessions, patch now
2025-02-11 15:56

Security researchers at Bishop Fox have published complete exploitation details for the CVE-2024-53704 vulnerability that allows bypassing the authentication mechanism in certain versions of the...

Hacker pleads guilty to SIM swap attack on US SEC X account
2025-02-10 18:46

Today, an Alabama man pleaded guilty to hijacking the U.S. Securities and Exchange Commission (SEC) account on X in a January 2024 SIM swapping attack. [...]

Hackers Exploit Google Tag Manager to Deploy Credit Card Skimmers on Magento Stores
2025-02-10 15:16

Threat actors have been observed leveraging Google Tag Manager (GTM) to deliver credit card skimmer malware targeting Magento-based e-commerce websites. Website security company Sucuri said the...

XE Hacker Group Exploits VeraCore Zero-Day to Deploy Persistent Web Shells
2025-02-10 05:14

Threat actors have been observed exploiting multiple security flaws in various software products, including Progress Telerik UI for ASP.NET AJAX and Advantive VeraCore, to drop reverse shells and...

Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers
2025-02-07 18:42

Software vendor Trimble is warning that hackers are exploiting a Cityworks deserialization vulnerability to remotely execute commands on IIS servers and deploy Cobalt Strike beacons for initial...

Hackers Exploiting SimpleHelp RMM Flaws for Persistent Access and Ransomware
2025-02-07 05:19

Threat actors have been observed exploiting recently disclosed security flaws in SimpleHelp's Remote Monitoring and Management (RMM) software as a precursor for what appears to be a ransomware...