Security News

US sanctions Chinese firm, hacker behind telecom and Treasury hacks
2025-01-17 16:57

The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) has sanctioned Yin Kecheng, a Shanghai-based hacker for his role in the recent Treasury breach and a company...

How Russian hackers went after NGOs’ WhatsApp accounts
2025-01-17 15:26

Star Blizzard, a threat actor tied to the Russian Federal Security Service (FSB), was spotted attempting to compromise targets’ WhatsApp accounts through a clever phishing campaign. The campaign...

Hackers Hide Malware in Images to Deploy VIP Keylogger and 0bj3ctivity Stealer
2025-01-16 11:15

Threat actors have been observed concealing malicious code in images to deliver malware such as VIP Keylogger and 0bj3ctivity Stealer as part of separate campaigns. "In both campaigns, attackers...

Hackers leak configs and VPN credentials for 15,000 FortiGate devices
2025-01-16 02:57

A new hacking group has leaked the configuration files, IP addresses, and VPN credentials for over 15,000 FortiGate devices for free on the dark web, exposing a great deal of sensitive technical...

Hackers use Google Search ads to steal Google Ads accounts
2025-01-15 19:02

​Ironically, cybercriminals now use Google search advertisements to promote phishing sites that steal advertisers' credentials for the Google Ads platform. [...]

Hackers use FastHTTP in new high-speed Microsoft 365 password attacks
2025-01-14 15:57

Threat actors are utilizing the FastHTTP Go library to launch high-speed brute-force password attacks targeting Microsoft 365 accounts globally. [...]

Russia-Linked Hackers Target Kazakhstan in Espionage Campaign with HATVIBE Malware
2025-01-14 09:10

Russia-linked threat actors have been attributed to an ongoing cyber espionage campaign targeting Kazakhstan as part of the Kremlin's efforts to gather economic and political intelligence in...

Microsoft: macOS bug lets hackers install malicious kernel drivers
2025-01-13 18:24

Apple recently addressed a macOS vulnerability that allows attackers to bypass System Integrity Protection (SIP) and install malicious kernel drivers by loading third-party kernel extensions. [...]

Hackers exploit critical Aviatrix Controller RCE flaw in attacks
2025-01-13 17:57

Threat actors are exploiting a critical remote command execution vulnerability, tracked as CVE-2024-50603, in Aviatrix Controller instances to install backdoors and crypto miners. [...]

Hackers Exploit Aviatrix Controller Vulnerability to Deploy Backdoors and Crypto Miners
2025-01-13 13:33

A recently disclosed critical security flaw impacting the Aviatrix Controller cloud networking platform has come under active exploitation in the wild to deploy backdoors and cryptocurrency...