Hacking - Cyber Security Informer

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Krebs on Security

NOVEMBER 9, 2024

The Federal Bureau of Investigation (FBI) is urging police departments and governments worldwide to beef up security around their email systems, citing a recent increase in cybercriminal services that use hacked police email accounts to send unauthorized subpoenas and customer data requests to U.S.-based dot-gov emails get hacked.

Hacking

Hacking Accountability Government Social Engineering

U.S. Soldier Charged in AT&T Hack Searched “Can Hacking Be Treason”

Krebs on Security

FEBRUARY 26, 2025

government officials searched online for non-extradition countries and for an answer to the question “can hacking be treason?” Days after he apparently finished communicating with Country-1s military intelligence service, Wagenius Googled, ‘can hacking be treason.'” million customers.

Hacking

Hacking Government Identity Theft Accountability

Hacking Digital License Plates

Schneier on Security

DECEMBER 17, 2024

Not everything needs to be digital and “smart.” ” License plates, for example : Josep Rodriguez, a researcher at security firm IOActive, has revealed a technique to jailbreak digital license plates sold by Reviver, the leading vendor of those plates in the US with 65,000 plates already sold.

Firmware

Firmware Hacking Software

Microsoft Takes Legal Action Against AI “Hacking as a Service” Scheme

Schneier on Security

JANUARY 13, 2025

Not sure this will matter in the end, but it’s a positive move : Microsoft is accusing three individuals of running a “hacking-as-a-service” scheme that was designed to allow the creation of harmful and illicit content using the company’s platform for AI-generated content.

Hacking

Hacking Authentication Accountability

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Krebs on Security

DECEMBER 19, 2024

Cyber threat analysts at Silent Push said they recently received reports from a partner organization that identified an aggressive scanning effort against their website using an Internet address previously associated with a campaign by FIN7 , a notorious Russia-based hacking group. co — first came online in February 2023.

Hacking

Hacking Cybercrime Advertising Data breaches

Rhysida Ransomware gang claims the hack of the Government of Peru

Security Affairs

MAY 3, 2025

The Rhysida Ransomware gang claims the hack of the Government of Peru, the gang breached Gob.pe, the Single Digital Platform of the Peruvian State. The Rhysida ransomware gang claims responsibility for hacking the Government of Peru, breaching Gob.pe, which is the country’s official digital platform.

Government

Government Ransomware Hacking Manufacturing

Chinese threat actors used two advanced exploit chains to hack Ivanti CSA

Security Affairs

JANUARY 23, 2025

is end-of-life and no longer receives security updates, for this reason, these instances are exposed to hack. The advisory details hacking activities exploiting the mentioned vulnerabilities. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,CISA)

Hacking

Hacking Government Cybersecurity Information Security

RansomHouse gang claims the hack of the Loretto Hospital in Chicago

Security Affairs

MARCH 10, 2025

Another American hospital falls victim to a ransomware attack; the RansomHouse gang announced the hack of Loretto Hospital in Chicago.” ” The RansomHouse gang announced the hack of Loretto Hospital in Chicago, the groups claims to have stolen 1.5TB of sensitive data.

Hacking

Hacking Healthcare Backups Ransomware

Subaru Starlink flaw allowed experts to remotely hack cars

Security Affairs

JANUARY 25, 2025

To confirm their findings, the researchers reached out to their friend and asked if they could hack her car. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,Subaru Starlink) Admin panel access exposed vehicle data (e.g., location history, VIN) and customer info (e.g.,

Hacking

Hacking Accountability Passwords Authentication

Customs and Border Protection Confirms Its Use of Hacked Signal Clone TeleMessage

WIRED Threat Level

MAY 7, 2025

CBP says it has disabled its use of TeleMessage following reports that the app, which has not cleared the US governments risk assessment program, was hacked.

Hacking

Hacking Government Risk

NSO Group Spies on People on Behalf of Governments

Schneier on Security

NOVEMBER 27, 2024

Legal documents released in ongoing US litigation between NSO Group and WhatsApp have revealed for the first time that the Israeli cyberweapons maker and not its government customers is the party that “installs and extracts” information from mobile phones targeted by the company’s hacking software.

Government

Government Spyware Mobile Hacking

Oracle confirms the hack of two obsolete servers hacked. No Oracle Cloud systems or customer data were affected

Security Affairs

APRIL 10, 2025

The hacker has published 10,000 customer records, a file showing Oracle Cloud access, user credentials, and an internal video as proof of the hack. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, Oracle)

Hacking

Hacking Data breaches Encryption Passwords

Apps That Are Spying on Your Location

Schneier on Security

JANUARY 10, 2025

404 Media is reporting on all the apps that are spying on your location, based on a hack of the location data company Gravy Analytics: The thousands of apps, included in hacked files from location data company Gravy Analytics, include everything from games like Candy Crush to dating apps like Tinder, to pregnancy tracking and religious prayer apps (..)

Data collection

Data collection Advertising Media Hacking

More Research Showing AI Breaking the Rules

Schneier on Security

FEBRUARY 24, 2025

OpenAIs o1-preview tried to cheat 37% of the time; while DeepSeek R1 tried to cheat 11% of the timemaking them the only two models tested that attempted to hack without the researchers first dropping hints. While R1 and o1-preview both tried, only the latter managed to hack the game, succeeding in 6% of trials.

Engineering

Engineering Hacking

Pwn2Own Berlin 2025 Day Two: researcher earned 150K hacking VMware ESXi

Security Affairs

MAY 16, 2025

pic.twitter.com/x2oBfaSfKS — Trend Zero Day Initiative (@thezdi) May 16, 2025 Nguyen Hoang Thach of STARLabs SG exploited an integer overflow to hack VMware ESXi earning $150,000 and 15 Master of Pwn points. The full list of hacking attempts made during day two is available here. Outstanding!

Hacking

Hacking Information Security

FBI Deletes PlugX Malware from Thousands of Computers

Schneier on Security

JANUARY 16, 2025

” Details : To retrieve information from and send commands to the hacked machines, the malware connects to a command-and-control server that is operated by the hacking group. According to a DOJ press release , the FBI was able to delete the Chinese-used PlugX malware from “approximately 4,258 U.S.-based

Malware

Malware Hacking Software

Arguing Against CALEA

Schneier on Security

APRIL 8, 2025

This is the access that the Chinese threat actor Salt Typhoon used to spy on Americans: The Wall Street Journal first reported Friday that a Chinese government hacking group dubbed Salt Typhoon broke into three of the largest U.S.

Telecommunications

Telecommunications Internet Internet Government

Why Italy Sells So Much Spyware

Schneier on Security

NOVEMBER 19, 2024

As a result, thousands of spyware operations have been carried out by Italian authorities in recent years, according to a report from Riccardo Coluccini, a respected Italian journalist who specializes in covering spyware and hacking. Italian spyware is cheaper and easier to use, which makes it more widely used.

Spyware

Spyware Marketing Hacking

North Korean Hackers Steal $1.5B in Cryptocurrency

Schneier on Security

FEBRUARY 25, 2025

” More : This hack sets a new precedent in crypto security by bypassing a multisig cold wallet without exploiting any smart contract vulnerability. The Bybit hack has shattered long-held assumptions about crypto security. .” The announcement on the Bybit website is almost comical.

Cryptocurrency

Cryptocurrency Social Engineering Hacking Engineering

Signal Clone Used by Mike Waltz Pauses Service After Reports It Got Hacked

WIRED Threat Level

MAY 5, 2025

The communications app TeleMessage, which was spotted on former US national security adviser Mike Waltz's phone, has suspended all services as it investigates reports of at least one breach.

Hacking

WhatsApp Case Against NSO Group Progressing

Schneier on Security

APRIL 30, 2025

Meta is suing NSO Group, basically claiming that the latter hacks WhatsApp and not just WhatsApp users. “Additionally, there is no evidence as to the specific kinds of crimes or security threats that its clients actually investigate and none with respect to the attacks at issue.”

Hacking

Hacking Technology

WhatsApp hack: Meta wins payout over NSO Group spyware

Malwarebytes

MAY 8, 2025

Meta has won almost $170m in damages from Israel-based NSO Group, maker of the Pegasus spyware. The ruling comes after a six-year legal case against the company after Meta accused it of misusing its servers to spy on users.

Spyware

Spyware Hacking Surveillance Government

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Krebs on Security

NOVEMBER 21, 2024

Federal prosecutors in Los Angeles this week unsealed criminal charges against five men alleged to be members of a hacking group responsible for dozens of cyber intrusions at major U.S. police as part of an FBI investigation into the MGM hack. Image: Amitai Cohen twitter.com/amitaico.

Identity Theft

Identity Theft Phishing Cryptocurrency Accountability

Journalists and Civil Society Members Using WhatsApp Targeted by Paragon Spyware

Schneier on Security

FEBRUARY 3, 2025

Like other spyware makers, Paragon’s hacking software is used by government clients and WhatsApp said it had not been able to identify the clients who ordered the alleged attacks. ” It is not clear who was behind the attack.

Spyware

Spyware Government Hacking Software

Russia-Linked APT28 Exploited MDaemon Zero-Day to Hack Government Webmail Servers

The Hacker News

MAY 15, 2025

A Russia-linked threat actor has been attributed to a cyber espionage operation targeting webmail servers such as Roundcube, Horde, MDaemon, and Zimbra via cross-site scripting (XSS) vulnerabilities, including a then-zero-day in MDaemon, according to new findings from ESET.

Government

Government Hacking Cybersecurity

Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab

Krebs on Security

FEBRUARY 28, 2025

Intrinsec said its analysis showed Prospero frequently hosts malware operations such as SocGholish and GootLoader , which are spread primarily via fake browser updates on hacked websites and often lay the groundwork for more serious cyber intrusions — including ransomware. A fake browser update page pushing mobile malware.

Malware

Malware Antivirus Software DDOS

Perfectl Malware

Schneier on Security

OCTOBER 14, 2024

North Korea is the government we know that hacks cryptocurrency in order to fund its operations. Aqua Security researchers have also observed the malware serving as a backdoor to install other families of malware. Something this complex and impressive implies that a government is behind this. But this feels too complex for that.

Malware

Malware Cryptocurrency Internet Internet

Age Verification Using Facial Scans

Schneier on Security

APRIL 17, 2025

” I look forward to all the videos of people hacking this system using various disguises. For Face Scan, the solution our vendor uses operates on-device, which means there is no collection of any biometric information when you scan your face. For ID verification, the scan of your ID is deleted upon verification.”

Hacking

Hacking Media

Hackers stole millions of dollars from Uganda Central Bank

Security Affairs

NOVEMBER 30, 2024

Financially-motivated threat actors hacked Uganda ‘s central bank system, government officials confirmed this week. “It is true our accounts were hacked into but not to the extent of what is being reported. The police’s Criminal Investigations Department and the Auditor General are investigating the incident.

Banking

Banking Government Accountability Hacking

An Interview With the Target & Home Depot Hacker

Krebs on Security

NOVEMBER 14, 2024

But not long after KrebsOnSecurity reported in April that Shefel/Rescator also was behind the theft of Social Security and tax information from a majority of South Carolina residents in 2012, Mr. Shefel began contacting this author with the pretense of setting the record straight on his alleged criminal hacking activities.

Retail

Retail Advertising Cryptocurrency Marketing

Lazarus APT stole $1.5B from Bybit, it is the largest cryptocurrency heist ever

Security Affairs

FEBRUARY 22, 2025

The Bybit hack is the largest cryptocurrency heist ever, surpassing previous ones like Ronin Network ($625M), Poly Network ($611M), and BNB Bridge ($566M). Bybit is Solvent even if this hack loss is not recovered, all of clients assets are 1 to 1 backed, we can cover the loss. billion to an unidentified address.

Cryptocurrency

Cryptocurrency Hacking Banking Cybersecurity

US Treasury Department sanctioned Chinese cybersecurity firm linked to Flax Typhoon APT

Security Affairs

JANUARY 4, 2025

“ Flax Typhoon is a China-linked hacking group that has been active since 2021, it targets critical infrastructure globally, exploiting vulnerabilities for persistent access. According to OFAC, between 2022 and 2023, Flax Typhoon hacked U.S. critical infrastructure sectors.“

Cybersecurity

Cybersecurity IoT Hacking Technology

Booking.com Phishers May Leave You With Reservations

Krebs on Security

NOVEMBER 1, 2024

One post last month on the Russian-language hacking forum BHF offered up to $5,000 for each hotel account. This seller claims to help people monetize hacked booking.com partners, apparently by using the stolen credentials to set up fraudulent listings.

Phishing

Phishing Accountability Artificial Intelligence Cybercrime

Silk Typhoon Hackers Indicted

Schneier on Security

MARCH 11, 2025

The indictment against Yin Kecheng, who was previously sanctioned by the Treasury Department in January for his involvement in the Treasury breach, quotes from his communications with a colleague in which he notes his personal preference for hacking American targets and how he’s seeking to ‘break into a big target,’ which he hoped (..)

Government

Government Media Hacking

Sansec uncovered a supply chain attack via 21 backdoored Magento extensions

Security Affairs

MAY 5, 2025

Sansec researchers reported that multiple vendors were hacked in a coordinated supply chain attack, the experts discovered that a backdoor was hidden in 21 applications. “This hack is called a Supply Chain Attack, which is one of the worst types. Meetanshi claims no tampering but confirms their server was hacked.

eCommerce

eCommerce Hacking Authentication Software

Learning How to Hack: Why Offensive Security Training Benefits Your Entire Security Team

The Hacker News

MAY 14, 2025

Organizations across industries are experiencing significant escalations in cyberattacks, particularly targeting critical infrastructure providers and cloud-based enterprises.

Data breaches

Data breaches Hacking

Japan ’s FSA warns of unauthorized trades via stolen credentials from fake security firms’ sites

Security Affairs

APRIL 22, 2025

Japan s Financial Services Agency (FSA) warns of hundreds of millions in unauthorized trades linked to hacked brokerage accounts. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,Japan) from fake websites (phishing sites) disguised as websites of real securities companies.”

Financial Services

Financial Services Passwords Accountability Antivirus

China admitted its role in Volt Typhoon cyberattacks on U.S. infrastructure

Security Affairs

APRIL 13, 2025

. “During the half-day meeting in Geneva, Wang Lei, a top cyber official with Chinas Ministry of Foreign Affairs, indicated that the infrastructure hacks resulted from the U.S.s “Wang or the other Chinese officials didnt directly state that China was responsible for the hacking, the U.S. ” states the WSJ.

Hacking

Hacking Manufacturing Education Government

Amazon discloses employee data breach after May 2023 MOVEit attacks

Security Affairs

NOVEMBER 11, 2024

million records containing employee data on the hacking forum BreachForums. ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, MOVEit) The company said that the data was stolen from a third-party vendor. Amazon did not disclose the number of impacted employees.

Data breaches

Data breaches Hacking Ransomware Technology

Who’s Behind the Seized Forums ‘Cracked’ & ‘Nulled’?

Krebs on Security

FEBRUARY 4, 2025

The FBI joined authorities across Europe last week in seizing domain names for Cracked and Nulled , English-language cybercrime forums with millions of users that trafficked in stolen data, hacking tools and malware. gg , an e-commerce platform that caters to the same clientele as Sellix.

eCommerce

eCommerce Cybercrime Accountability Passwords

Alleged ‘Scattered Spider’ Member Extradited to U.S.

Krebs on Security

APRIL 30, 2025

prosecutors allege Tyler Robert Buchanan and co-conspirators hacked into dozens of companies in the United States and abroad, and that he personally controlled more than $26 million stolen from victims. Mr. Buchanan’s court-appointed attorney did not respond to a request for comment.

Identity Theft

Identity Theft Phishing Cryptocurrency Cybercrime

Chinese Hackers Exploit SAP RCE Flaw CVE-2025-31324, Deploy Golang-Based SuperShell

The Hacker News

MAY 8, 2025

Forescout Vedere Labs, in a report published today, said it uncovered a malicious infrastructure likely associated with the hacking group weaponizing CVE-2025-31324 (CVSS score: 10.0) A China-linked unnamed threat actor dubbed Chaya_004 has been observed exploiting a recently disclosed security flaw in SAP NetWeaver. since April 29, 2025.

Hacking

Inside the DemandScience by Pure Incubation Data Breach

Troy Hunt

NOVEMBER 13, 2024

But in all likelihood, there will be more than a handful of domain subscribers who take issue with that volume of people data sitting there in one corpus easily downloadable via a clear web hacking forum.

Data breaches

Data breaches Passwords B2B Technology

Synology fixed critical flaw impacting millions of DiskStation and BeePhotos NAS devices

Security Affairs

NOVEMBER 6, 2024

Security researcher Rick de Jager demonstrated the vulner ability, called RISK:STATION by cybersecurity firm Midnight Blue, at the Pwn2Own Ireland 2024 hacking contest. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Synology)

Firmware

Firmware Manufacturing Hacking Media

FBI: Spike in Hacked Police Emails, Fake Subpoenas

U.S. Soldier Charged in AT&T Hack Searched “Can Hacking Be Treason”

Trending Sources

Hacking Digital License Plates

Microsoft Takes Legal Action Against AI “Hacking as a Service” Scheme

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Rhysida Ransomware gang claims the hack of the Government of Peru

Chinese threat actors used two advanced exploit chains to hack Ivanti CSA

RansomHouse gang claims the hack of the Loretto Hospital in Chicago

Subaru Starlink flaw allowed experts to remotely hack cars

Customs and Border Protection Confirms Its Use of Hacked Signal Clone TeleMessage

NSO Group Spies on People on Behalf of Governments

Oracle confirms the hack of two obsolete servers hacked. No Oracle Cloud systems or customer data were affected

Apps That Are Spying on Your Location

More Research Showing AI Breaking the Rules

Pwn2Own Berlin 2025 Day Two: researcher earned 150K hacking VMware ESXi

FBI Deletes PlugX Malware from Thousands of Computers

Arguing Against CALEA

Why Italy Sells So Much Spyware

North Korean Hackers Steal $1.5B in Cryptocurrency

Signal Clone Used by Mike Waltz Pauses Service After Reports It Got Hacked

WhatsApp Case Against NSO Group Progressing

WhatsApp hack: Meta wins payout over NSO Group spyware

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Journalists and Civil Society Members Using WhatsApp Targeted by Paragon Spyware

Russia-Linked APT28 Exploited MDaemon Zero-Day to Hack Government Webmail Servers

Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab

Perfectl Malware

Age Verification Using Facial Scans

Hackers stole millions of dollars from Uganda Central Bank

An Interview With the Target & Home Depot Hacker

Lazarus APT stole $1.5B from Bybit, it is the largest cryptocurrency heist ever

US Treasury Department sanctioned Chinese cybersecurity firm linked to Flax Typhoon APT

Booking.com Phishers May Leave You With Reservations

Silk Typhoon Hackers Indicted

Sansec uncovered a supply chain attack via 21 backdoored Magento extensions

Learning How to Hack: Why Offensive Security Training Benefits Your Entire Security Team

Japan ’s FSA warns of unauthorized trades via stolen credentials from fake security firms’ sites

China admitted its role in Volt Typhoon cyberattacks on U.S. infrastructure

Amazon discloses employee data breach after May 2023 MOVEit attacks

Who’s Behind the Seized Forums ‘Cracked’ & ‘Nulled’?

Alleged ‘Scattered Spider’ Member Extradited to U.S.

Chinese Hackers Exploit SAP RCE Flaw CVE-2025-31324, Deploy Golang-Based SuperShell

Inside the DemandScience by Pure Incubation Data Breach

Synology fixed critical flaw impacting millions of DiskStation and BeePhotos NAS devices

Stay Connected