Security News

Hacker pleads guilty to SIM swap attack on US SEC X account
2025-02-10 18:46

Today, an Alabama man pleaded guilty to hijacking the U.S. Securities and Exchange Commission (SEC) account on X in a January 2024 SIM swapping attack. [...]

Hackers Exploit Google Tag Manager to Deploy Credit Card Skimmers on Magento Stores
2025-02-10 15:16

Threat actors have been observed leveraging Google Tag Manager (GTM) to deliver credit card skimmer malware targeting Magento-based e-commerce websites. Website security company Sucuri said the...

XE Hacker Group Exploits VeraCore Zero-Day to Deploy Persistent Web Shells
2025-02-10 05:14

Threat actors have been observed exploiting multiple security flaws in various software products, including Progress Telerik UI for ASP.NET AJAX and Advantive VeraCore, to drop reverse shells and...

Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers
2025-02-07 18:42

Software vendor Trimble is warning that hackers are exploiting a Cityworks deserialization vulnerability to remotely execute commands on IIS servers and deploy Cobalt Strike beacons for initial...

Hackers Exploiting SimpleHelp RMM Flaws for Persistent Access and Ransomware
2025-02-07 05:19

Threat actors have been observed exploiting recently disclosed security flaws in SimpleHelp's Remote Monitoring and Management (RMM) software as a precursor for what appears to be a ransomware...

Kimsuky hackers use new custom RDP Wrapper for remote access
2025-02-06 18:55

The North Korean hacking group known as Kimsuky was observed in recent attacks using a custom-built RDP Wrapper and proxy tools to directly access infected machines. [...]

Hackers exploit SimpleHelp RMM flaws to deploy Sliver malware
2025-02-06 17:50

Hackers are targeting vulnerable SimpleHelp RMM clients to create administrator accounts, drop backdoors, and potentially lay the groundwork for ransomware attacks. [...]

Suspected NATO, UN, US Army hacker arrested in Spain
2025-02-06 11:14

The Spanish National Police has arrested a hacker suspected of having breached national and international agencies (including the United Nation’s International Civil Aviation Organization and...

Hackers spoof Microsoft ADFS login pages to steal credentials
2025-02-05 18:41

A help desk phishing campaign targets an organization's Microsoft Active Directory Federation Services (ADFS) using spoofed login pages to steal credentials and bypass multi-factor authentication...

AMD fixes bug that lets hackers load malicious microcode patches
2025-02-05 18:30

​AMD has released mitigation and firmware updates to address a high-severity vulnerability that can be exploited to load malicious CPU microcode on unpatched devices. [...]