Cyber News & Articles

This month could barely have started any worse for some financial institutions in Brazil.

Approximately US $140 million was stolen from the reserve accounts of six financial institutions after a cyber attack hit a service provider.

Read more in my article on the Hot for Security blog.

Everything feels secure—until one small thing slips through. Even strong systems can break if a simple check is missed or a trusted tool is misused. Most threats don’t start with alarms—they sneak in through the little things we overlook. A tiny bug, a reused password, a quiet connection—that’s all it takes.
Staying safe isn’t just about reacting fast. It’s about catching these early signs

If you didn’t hear about Iranian hackers breaching US water facilities, it’s because they only managed to control a single pressure station serving 7,000 people. What made this attack noteworthy wasn’t its scale, but how easily the hackers gained access — by simply using the manufacturer’s default password “1111.” This narrow escape prompted CISA to urge manufacturers to

A hacking group with ties other than Pakistan has been found targeting Indian government organizations with a modified variant of a remote access trojan (RAT) called DRAT.
The activity has been attributed by Recorded Future’s Insikt Group to a threat actor tracked as TAG-140, which it said overlaps with SideCopy, an adversarial collective assessed to be an operational sub-cluster within

Taiwan’s National Security Bureau (NSB) has warned that China-developed applications like RedNote (aka Xiaohongshu), Weibo, TikTok, WeChat, and Baidu Cloud pose security risks due to excessive data collection and data transfer to China.
The alert comes following an inspection of these apps carried out in coordination with the Ministry of Justice Investigation Bureau (MJIB) and the Criminal

Threat actors are weaponizing exposed Java Debug Wire Protocol (JDWP) interfaces to obtain code execution capabilities and deploy cryptocurrency miners on compromised hosts.
“The attacker used a modified version of XMRig with a hard-“coded configuration, allowing them to avoid suspicious command-line arguments that are often flagged by defenders,” Wiz researchers Yaara Shriki and Gili

Nothing says “Holiday Weekend” like a mysterious IT outage.

Another scummy stalkerware app has spilled its guts, revealing the details of its 62,000 users – and data from thousands of victims’ infected devices.

Cybersecurity researchers have shed light on a previously undocumented threat actor called NightEagle (aka APT-Q-95) that has been observed targeting Microsoft Exchange servers as a part of a zero-day exploit chain designed to target government, defense, and technology sectors in China.
According to QiAnXin’s RedDrip Team, the threat actor has been active since 2023 and has switched network

The notorious Hunters International ransomware-as-a-service operation has announced that it has shut down, in a message posted on its dark web leak site.

In a statement on its extortion site, the ransomware group says that it has not only “decided to close the Hunters International project” but is also offering free decryption tools to its previous victims – with no ransom payment required.

Read more in my article on the Hot for Security blog.