News
-
"Microsoft: Chinese Hackers Use Qaud7 Botnet to Steal Credentials"Microsoft warns that Chinese threat actors are using the "Quad7" botnet, built with hacked Small Office/Home Office (SOHO) routers, to steal credentials in password-spray attacks.
-
"Sophos Used Custom Implants to Surveil Chinese Hackers Targeting Firewall Zero-Days"Sophos has detailed a years-long battle with Chinese government-backed hacking teams and admitted to using its own custom implants to track the hackers' tools, movements, and tactics.
-
"New Xiu Gou Phishing Kit Targets US, Other Countries with Mascot"Since at least September 2024, users in the US, UK, Spain, Australia, and Japan have been targeted by a new phishing kit named "Xiu Gou," which was designed to deploy phishing attacks globally.
-
"Hackers Target Critical Zero-Day Vulnerability in PTZ Cameras"Hackers are targeting two zero-day vulnerabilities in PTZOptics pan-tilt-zoom (PTZ) live streaming cameras used in industrial, healthcare, government, and courtroom settings.
-
"New LightSpy Spyware Version Targets iPhones with Increased Surveillance Tactics"According to researchers at ThreatFabric, "LightSpy," an Apple iOS spyware, now has an improved version with destructive capabilities to prevent the compromised device from booting up.
-
"Malvertising Campaign Hijacks Facebook Accounts to Spread SYS01stealer Malware"Researchers at Bitdefender Labs have discovered a malvertising campaign that abuses Meta's advertising platform and hijacks Facebook accounts to distribute the "SYS01stealer" infostealer.
-
"Hackers Steal 15,000 Cloud Credentials From Exposed Git Config Files"An operation named "EmeraldWhale" has led to the theft of over 15,000 cloud account credentials from thousands of private repositories by scanning for exposed Git configuration files.
-
"Canadian Government Data Stolen By Chinese Hackers"According to the Canadian Centre for Cyber Security's 2025-2026 "National Cyber Threat Assessment," Chinese state-sponsored threat actors have maintained access to at least 20 Canadian government networks for four years to steal valuable data.
-
"Over a Thousand Online Shops Hacked to Show Fake Product Listings"Since 2019, a phishing campaign named "Phish n' Ships" has infected over 1,000 legitimate online stores to promote fake product listings for rare items.
-
"Ransomware Hits Web Hosting Servers via Vulnerable CyberPanel Instances"A threat actor has targeted about 22,000 vulnerable CyberPanel instances and encrypted files on the servers that run it using PSAUX and other ransomware. CyberPanel is a popular open source control panel for managing servers used to host websites.
-
"Ex-Disney Employee Charged With Hacking Menu Database"The former Disney employee was arrested and charged with hacking the company's systems and changing restaurant menus. Michael Scheuer, a former Disney menu production manager, was charged with three Computer Fraud and Abuse Act (CFAA) violations.
-
"LiteSpeed Cache WordPress Plugin Bug Lets Hackers Get Admin Access"The free version of the popular WordPress plugin LiteSpeed Cache recently fixed a dangerous privilege elevation flaw with its latest update that could allow unauthenticated site visitors to gain admin rights.