tag—Hacker
Iran-Linked Hackers Use New Cavern C2 Framework to Target Israeli OrganizationsAn Iranian hacking group affiliated with Iran's Ministry of Intelligence and Security (MOIS) has been wielding a previously undocumented modular command-and-control (C2) framework dubbed Cavern (aka Cav3rn) targeting Israeli organizations. The activity, which has primarily singled out IT providers and government sectors, has been attributed to a threat cluster tracked by Check Point Research
Suspected China-Nexus Hackers Use Fake Indian Tax Filing Utility to Deploy DcRATA suspected China-nexus threat activity cluster has been observed targeting Indian taxpayers, tax professionals, and corporate finance teams to deliver a remote access trojan designed to steal sensitive data from compromised hosts. The multi-stage campaign, codenamed Operation DragonReturn by Seqrite Labs, involves sending spear-phishing emails impersonating the Income Tax Department of India.
North Korean Hackers Publish 108 Malicious Packages and Extensions in PolinRider CampaignThe North Korean threat actors linked to the Contagious Interview campaign have been observed publishing 108 unique packages and web browser extensions spanning npm, Packagist, Go, and Google Chrome as part of an ongoing activity referred to as PolinRider. "The campaign remains active, and new malicious packages are likely to continue appearing as threat actors compromise maintainer accounts,
Alleged Scattered Spider hacker extradited to the United StatesA dual United States and Estonian citizen has been extradited to the U.S. to face charges alleging he was a member of the Scattered Spider hacking collective.
Kubota says hackers had month-long access to network systemsKubota North America Corporation disclosed that hackers had access to some of its network systems for more than a month earlier this year.
DHS confirms hackers breached HSIN info-sharing platformThe Department of Homeland Security is investigating a cyberattack that compromised the Homeland Security Information Network (HSIN), a sensitive information-sharing platform used by federal, state, local, and private-sector partners.
Hackers target Microsoft 365 accounts with 81 million login attemptsAn aggressive password-spraying campaign targeting Microsoft 365 environments generated more than 81 million login attempts over a two-week period.
FBI: Russian hackers now target Signal backup recovery keysThe FBI and CISA are warning that a phishing campaign targeting Signal users tied to Russian intelligence services has evolved to steal Signal Backup Recovery Keys, allowing attackers to access victims' historical messages.
FBI Warns Russian Intelligence Hackers Target Signal Backup Recovery KeysThe FBI and CISA have updated their March warning about Russian intelligence phishing Signal accounts, and the operators have added a step: they now coax targets into handing over their Signal Backup Recovery Key. Hand it over once, and the attacker can restore the account's backup, read the private and group message history, and take over the account. Worse, the key keeps working.
Polymarket customers lose $3 million in supply-chain attackPolymarket says it will fully reimburse customers who lost an estimated $3 million after hackers injected a malicious script into the platform's frontend following a breach at a third-party vendor.