2026-01-01 20:23:21
Salt Typhoon hackers ‘almost certainly’ in Australia’s critical infrastructure
https://www.smh.com.au/technology/salt-typhoon-hackers-almost-certainly-in-australia-s-critical-infrastructure-20251231-p5nqwn.htm…
Hackers attempt to extort parents after school refuses to pay ransom fee https://therecord.media/hackers-attempt-to-extort-parents-after-school-refuses-ransom-demand
Notepad++ Hijacked by State-Sponsored Hackers
Following the security disclosure published in the v8.8.9 announcement, the investigation has continued in collaboration with external experts and with the full involvement of the (now former) shared hosting provider. According to the analysis provided by the security experts, the attack involved infrastructure-level compromise that allowed malicious actors to intercept and redirect update traffic destined for notepad-plu…
Notepad++ Hijacked by State-Sponsored Hackers.
#notepadplusplus
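The announcement quoted above describes an attacker who controlled the hosting path and could redirect update downloads. The defence a practitioner wants here is that the update client trusts neither the transport nor the host: it only installs a payload whose hash appears in a manifest signed by a key pinned in the client and kept off the hosting infrastructure. The following is an added illustration, not Notepad++'s own updater code and not the manifest format the project uses; the manifest layout, the function names and the installer bytes are all constructed for the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
)

// Manifest is what the vendor publishes next to the installer.
// Hypothetical layout for this example, not a real project's format.
type Manifest struct {
	Version   string
	SHA256Hex string // hex-encoded SHA-256 of the installer bytes
	Signature []byte // Ed25519 signature over Version + "\n" + SHA256Hex
}

// manifestBytes is the exact byte string that gets signed and verified.
func manifestBytes(version, sumHex string) []byte {
	return []byte(version + "\n" + sumHex)
}

// SignManifest runs on the vendor's signing host, never on the web/CDN host.
func SignManifest(priv ed25519.PrivateKey, version string, installer []byte) Manifest {
	sum := sha256.Sum256(installer)
	sumHex := hex.EncodeToString(sum[:])
	return Manifest{
		Version:   version,
		SHA256Hex: sumHex,
		Signature: ed25519.Sign(priv, manifestBytes(version, sumHex)),
	}
}

var (
	ErrBadSignature = errors.New("manifest signature does not verify against pinned key")
	ErrHashMismatch = errors.New("installer hash does not match signed manifest")
)

// VerifyUpdate is the client-side gate. pinned is compiled into the client;
// nothing fetched over the network is trusted until both checks pass.
func VerifyUpdate(pinned ed25519.PublicKey, m Manifest, installer []byte) error {
	if !ed25519.Verify(pinned, manifestBytes(m.Version, m.SHA256Hex), m.Signature) {
		return ErrBadSignature
	}
	sum := sha256.Sum256(installer)
	if hex.EncodeToString(sum[:]) != m.SHA256Hex {
		return ErrHashMismatch
	}
	return nil
}

// Demo walks the honest path and two attacker paths and returns the
// three verification results so they can be checked programmatically.
func Demo() (genuine, swappedInstaller, forgedManifest error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader) // pinned key pair (generated here for the demo)
	if err != nil {
		panic(err)
	}
	installer := []byte("constructed installer bytes, version 8.8.9")
	m := SignManifest(priv, "8.8.9", installer)

	// Honest download: manifest and installer match, signature verifies.
	genuine = VerifyUpdate(pub, m, installer)

	// Attacker on the hosting path swaps the binary but cannot alter the signed manifest.
	trojaned := []byte("constructed trojaned installer bytes")
	swappedInstaller = VerifyUpdate(pub, m, trojaned)

	// Attacker also serves a fresh manifest for the trojaned binary, signed with their own key.
	_, attackerPriv, _ := ed25519.GenerateKey(rand.Reader)
	forged := SignManifest(attackerPriv, "8.8.9", trojaned)
	forgedManifest = VerifyUpdate(pub, forged, trojaned)
	return
}

func main() {
	g, s, f := Demo()
	fmt.Println("genuine update:    ", g)
	fmt.Println("swapped installer: ", s)
	fmt.Println("forged manifest:   ", f)
}
```

The point of the two attacker paths is that redirecting traffic or replacing files on the host buys nothing once the client pins a public key: the swapped binary fails the hash check, and a re-signed manifest fails the signature check because the attacker's key is not the pinned one. TLS on the download does not give this property when the host itself is under the attacker's control, which is the scenario the announcement describes.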
"Setting the stage for the crime begins with sophisticated hackers compromising a freight broker’s load board account, which is an online marketplace where trucking loads are listed and bid on. As typical in many data breaches and other cyberattacks, the accounts are compromised through social engineering and spear phishing. After taking over a freight broker’s account, the criminals then post a fraudulent load listing offering an attractive shipment."
How Hackers And Cargo T…
Notepad++ hijacked by suspected state-sponsored hackers https://therecord.media/popular-text-editor-hijacked-by-suspected-state-sponsored-hackers
Notepad++ and security researchers say Chinese state-sponsored threat actors were likely behind the hijacking of its update traffic from June to December 2025 (Bill Toulas/BleepingComputer)
https://www.bleepingcomputer.com/news/secu
A: "[The 8yo] was telling me all the things she knows about hackers.."
me: "Mm-hmm"
A: "She told me how you can send a super long password to overflow a buffer"
me: "Oh yeah."
A: "Why does our 8 YEAR OLD know how to write exploits??"
me: "It, uh, came up at bedtime one night.."
#parenting
Notepad++ user? You should read this #security
https://www.richardsilverstein.com/2025/12/30/iranian-hackers-break-cell-phone-of-scandal-plagued-netanyahu-aide/
Israeli hacking group Handala exposed dozens of names and phone numbers of Israel’s security detail …
Iran-linked hackers target Israeli, Egyptian critical infrastructure through phishing campaign https://therecord.media/iran-linked-hackers-target-israel-egypt-phishing
The Everest Group is demanding $6 million from Iberia Airlines as a ransom to stop the data it stole from being leaked or sold.
https://www.paddleyourownkanoo.com/2025/11/29…
FCC says hackers hijack US radio gear to send fake alerts, obscenities (Reuters)
https://www.reuters.com/world/us/fcc-says-hackers-hijack-us-radio-gear-send-fake-alerts-obscenities-2025-11-26/
http://www.memeorandum.com/251126/p119#a251126p119
Metacurity is back from a Thanksgiving holiday break with an extensive run-down of the critical cybersecurity developments since last Monday, including
--Some ChatGPT customer data was exposed by a breach at vendor Mixpanel,
--Lazarus Group suspected of $30.6m breach of Upbit,
--Korea's shopping platform Coupang hacked by a former insider to access 30m customers' data,
--Lazarus Group and Kimsuky are DPRK's most prolific hackers,
--Korea arrests four …
Officials accuse North Korea’s Lazarus of $30 million theft from crypto exchange https://therecord.media/officials-accuse-north-korea-hackers-of-attack-on-crypto-exchange
Check out today's Metacurity for the critical infosec developments you should know, including
--European authorities dismantle the Cryptomixer service,
--Indian government wants smartphone makers to preload state-owned security app,
--Indian government wants to bar comms apps from working on SIM-less devices,
--Korea launches probe into Coupang breach and threatens punitive damages,
--DPRK hackers target S. Koreans with fake tax invoices,
--Malware-laden…
🚨 A massive cyberattack has crippled #Mikord, the key developer behind Russia’s Unified Military Registry, wiping out over 40TB of infrastructure, including source code and backups.
https://substack.com/@jaanika/note/c-1
Unit 42 details how underground hacking forums advertise and sell custom, jailbroken, and open-source AI hacking tools such as WormGPT and KawaiiGPT (Derek B. Johnson/CyberScoop)
https://cyberscoop.com/malicious-llm-tools-cybercrime-wormgpt-kawaiigpt/
🌖 Ex-cybersecurity staffers charged with moonlighting as hackers
https://www.japantimes.co.jp/news/2025/11/04/world/crime-legal/ex-cybersecurity-staffers-hackers/
🆓
From @…: How Hackers Are Fighting Back Against ICE
https://www.eff.org/deeplinks/2026/01/how-hackers-are-fighting-back-against-ice…
Come to think of it, there were also warnings that Tootle is dangerous.
As I recall: it accesses the clipboard for no clear reason, it collects behaviour-tracking data via Google Analytics for Firebase, and no privacy policy (a declaration of what is collected and how its use is restricted) has been published. There is also the point that a server relaying notifications is well placed to collect information.
I wrote down the JSON of the information it collects, among other things, here.
https://
Pakistan-linked hackers target Indian government, universities in new spying campaign https://therecord.media/pakistan-linked-hacking-group-targets-indian-orgs
Hackers can turn your washing machine into a kettle (Wasserkocher)? #39c3
The Korean National Police Agency National Office of Investigation (NOI) said on the 30th it arrested four people who hacked about 120,000 homecam IP cameras and sold the videos to an overseas site for sexual purposes
https://biz.chosun.com/en/en-society/2025/11/3…
Google confirms hackers stole Salesforce-stored data from 200 companies via a supply chain hack involving Gainsight, which provides a customer support platform (Lorenzo Franceschi-Bicchierai/TechCrunch)
https://techcrunch.com/2025/11/21/goog
I submitted a proposal for a lightning talk for #FOSDEM . It's about .... from street-level hack to open cultural production.
https://pretalx.fosdem.org/fosdem-2026
The Lazarus group stands accused of stealing approximately 45 billion won ($30.6 million) from Upbit, South Korea's largest cryptocurrency platform.
https://en.yenisafak.com/world/north-koreas-lazarus-hackers-steal-30-million…
RE: https://masto.hackers.town/@rgegriff/115555220750043172
As someone who hates seeing Acrobat commercials I'm so excited.
But I would use Krita or some other tool before Adobe. In web world figma has full ownership.
This deeply offends me because most people make me feel uncomfortable.
One thing I learned quite early in life is that this is not their fault. It was an extremely valuable lesson. My discomfort isn’t something other people need to resolve. As if they could… @…
Cybersecurity researchers have uncovered a new form of attack that hackers could leverage to steal sensitive information from Microsoft's Copilot chatbot with just a single click.
https://www.computing.co.uk/news/2026/security/single-click-attac…
Chainalysis and TRM Labs estimate that $2.7B was stolen in crypto in 2025 in total, up from $2.2B in 2024; the biggest hack was the $1.4B breach at Bybit (Lorenzo Franceschi-Bicchierai/TechCrunch)
https://techcrunch.com/2025/12/23/hackers-stole-…
🫵 Nation-state hackers deliver malware from “bulletproof” blockchains
https://arstechnica.com/security/2025/10/hackers-bullet-proof-hosts-deliver-malware-from-blockchains/
In 2016, The Atlantic's journalist Shane Harris made contact with a person claiming to work as a hacker for Iran's intelligence, where he claimed to have worked on major operations, such as the downing of an American drone and the now-infamous hack against oil giant Saudi Aramco, where Iranian hackers wiped the company's computers. Harris was rightly skeptical, but as he kept talking to the hacker, who eventually revealed his real name to him,…
Hackers exploit 3D design software to target game developers, animators https://therecord.media/hackers-blender-software-malware
A YouTuber hacked a North Korean military computer, revealing footage of North Korean soldiers captured on webcam
https://www.chosun.com/english/national-en/2026/01/29/PBEH25CATZCELKJLAZRGVBPXFA/
https://www.eunews.it/en/2025/11/26/belgium-rewards-ethical-hackers-who-uncover-government-it-vulnerabilities/
Belgium rewards ‘ethical hackers’ who uncover government IT vulnerabilities
The Chaos Computer Club (CCC) said the project aims to loosen what it described as the “chokehold” of US technology companies on Europe, which is damaging democracy.
https://www.eurasiareview.com/30122025-german-hackers-call-fo…
Ubisoft says it intentionally shut down Rainbow Six Siege and its in-game Marketplace to resolve an "incident"; reports say hackers breached internal systems (Lawrence Abrams/BleepingComputer)
https://www.bleepingcomputer.com/news/secu
Hackers knock out systems at Moscow-run postal operator in occupied Ukraine https://therecord.media/hackers-knock-out-systems-russia-operated-post-ukraine
https://www.ynetnews.com/article/s161vadwbx
This is creepy. The Iranian hacking group Handala hacked an Israeli nuclear scientist’s car and left a threatening message.
Pro-Russian hackers claim attack on French postal service operator https://therecord.media/pro-russia-hackers-claim-attack-la-poste
CrowdStrike catches insider feeding information to hackers
https://www.bleepingcomputer.com/news/security/crowdstrike-catches-insider-feeding-information-to-hackers/
Hackers Say They've Hacked Match Group, Maker of Hinge, OkCupid
https://www.404media.co/match-group-hacked-tinder-okcupid-hinge/
Coinbase says a former customer service agent was arrested in India, following a May breach where hackers bribed contractors to access sensitive customer data (Muyao Shen/Bloomberg)
https://www.bloomberg.com/news/articles/202…
Hackers target Afghan government workers with fake correspondence from senior officials https://therecord.media/hackers-target-afghan-workers
North Korean hackers stole a record $2.02B in crypto in 2025, a 51% YoY rise that takes its cumulative stolen total to $6.75B; individual wallet hacks hit 158K (Chainalysis)
https://www.chainalysis.com/blog/crypto-hacking-stolen-funds-2026/
Check out today's Metacurity to stay up-to-date on the critical infosec developments you should know, including
--The interim head of CISA uploaded sensitive documents to ChatGPT,
--Koreans to be notified of possible data breaches,
--Operations at Russian security systems outfit were disrupted by a cyberattack,
--EU-India security deal omits hackers-for-hire,
--Threat actors exploit a high-severity vulnerability in WinRAR,
--Mustang Panda can steal logi…
Municipal emergency warning service offline after hackers steal user data https://therecord.media/emergency-warning-service-offline
ICYMI - the FCC warned broadcasters about hackers hijacking radio gear to play fake emergency alerts
https://docs.fcc.gov/public/attachments/DA-25-996A1.pdf
Grubhub confirms hackers stole data in recent security breach
https://www.bleepingcomputer.com/news/security/grubhub-confirms-hackers-stole-data-in-recent-security-breach/
How Sandia Labs’ Chrisma Jackson protects nuclear secrets from hackers around the clock
https://www.abqjournal.com/business/how-sandia-labs-chrisma-jackson-protects-nuclear-secrets-from-hackers-around-the-clock…
"According to the report, the spearphishing emails relied on links that appeared trustworthy because they passed through legitimate online advertising and click-tracking systems commonly used to track user engagement."
North Korea-linked hackers pose as human rights activists, report says
https://www.theguardian.com/technology/2025/dec/29/ransomware-negotiations-extortion-cyber-attacks
“S-RM now claims the UK’s largest cyber-incident response team. Its first-responder service is comprised of about 150 experts world…
Australia's spy chief said Chinese state hackers probed telecom networks and critical infrastructure; Australia lost $8B last year to espionage (Kirsty Needham/Reuters)
https://www.reuters.com/world/china/austra
Target's dev server offline after hackers claim to steal source code
https://www.bleepingcomputer.com/news/security/targets-dev-server-offline-after-hackers-claim-to-steal-source-code/
CBO director testifies that hackers have been expelled from email systems https://therecord.media/congressional-budget-office-director-testifies-hackers-expelled
https://www.bleepingcomputer.com/news/security/pornhub-extorted-after-hackers-steal-premium-member-activity-data/
Uh oh
PornHub extorted after hackers steal Premium member activity data
Chinese hackers targeting ‘high value’ North American critical infrastructure, Cisco says https://therecord.media/china-hackers-apt-cisco-talos
Source: Twenty, which uses AI to help hackers for the US military penetrate adversary computer networks, raised a $38M Series A led by Caffeinated Capital (Margi Murphy/Bloomberg)
Nike probes potential cyber incident after hackers claim data leak https://therecord.media/nike-probes-alleged-cyber-incident
How Hackers Are Fighting Back Against ICE
https://www.eff.org/deeplinks/2026/01/how-hackers-are-fighting-back-against-ice
"Twenty’s contracts are a rare case of an AI offensive cyber company with VC backing landing Cyber Command work; typically cyber contracts have gone to either small bespoke companies or to the old guard of defense contracting like Booz Allen Hamilton or L3Harris."
The Pentagon Is Spending Millions On AI Hackers
CrowdStrike confirms that an insider shared screenshots from internal systems with unnamed threat actors but says its systems were not breached (Sergiu Gatlan/BleepingComputer)
https://www.bleepingcomputer.com/news/security/crowdstri…
Russian BlueDelta hackers ran phishing campaign against Ukrainian webmail users https://therecord.media/russian-bluedelta-hackers-ran-phishing-ukraine-webmail
So much cybersecurity news, so little time. Check out today's Metacurity for a quick run-down of the most crucial infosec developments you should know today, including
--Hackers claim to be selling Target's internal source code,
--Poland thwarted power system cyberattack,
--Hackers accessed the systems of Spanish energy provider Endesa and Energía XXI,
--Personal finance platform Betterment was hacked through third-party,
--Dutch national sentenced to sev…
Russian state hackers likely behind wiper malware attack on Poland’s power grid https://therecord.media/russia-eset-sandworm-poland-hack
At a cyber con two weeks ago, someone told me with a straight face that Elon and his Silicon Valley buddies want our cyber defenses to be weak for access to all the government data for their LLMs.
The U.S. has been cutting cyber defenses as AI boosts attacks
https://www.washingtonpost.com…
Check out today's Metacurity for a ton of critical infosec developments you might have missed over the weekend, including
--Cyberattack on a critical third-party vendor could expose top banks' customer data,
--An insider shared internal CrowdStrike screenshots on Telegram,
--Hackers stole Salesforce-stored data from 200 companies,
--DOGE has purportedly disbanded,
--Harvard is the latest Ivy to get hacked,
--AI models can sabotage coding projects, …
Cyera researchers detail Ni8mare, a critical RCE flaw that lets hackers access local instances of the n8n workflow automation platform, impacting ~100K servers (Bill Toulas/BleepingComputer)
https://www.bleepingcomputer.com/news/secur…
Check out today's packed Metacurity for the most critical infosec developments you should know, including
--Venezuela's state-run oil company PDVSA was hit by a cyberattack,
--Coupang's founder failed to show at parliamentary hearing,
--Vast majority of parked domains foist scams and malware,
--FTC orders Nomad to pay victims after hackers stole cryptocurrency,
--noyb alleges data exposure by TikTok, Grindr and AppFlyer,
--Hackers exploit critica…
Police raid homes of alleged Black Basta hackers, hunt suspected Russian ringleader https://therecord.media/police-raid-homes-of-alleged-black-basta-hackers
Kremlin-linked hackers pose as charities to spy on Ukraine’s military https://therecord.media/kremlin-linked-hackers-pose-as-charities-spy-ukraine
https://www.bleepingcomputer.com/news/security/sandworm-hackers-use-data-wipers-to-disrupt-ukraines-grain-sector/
Sandworm hackers use data wipers to disrupt Ukraine's grain sector
https://www.cnn.com/2026/01/28/politics/hacking-disinformation-election-security
Secret US cyber operations shielded 2024 election from foreign trolls, but now the Trump admin has gutted protections
Russia’s GRU hackers targeting misconfigured network edge devices in attacks on energy sector, Amazon says https://therecord.media/russia-gru-hackers-target-energy-sector-sandworm
US, Australia say ‘MongoBleed’ bug being exploited https://therecord.media/us-australia-bug-exploitation
Hackers steal data, extort $350,000 from massage parlor clients
https://koreajoongangdaily.joins.com/news/2025-11-03/national/socialAffairs/Hackers-steal-data-extort-350000-from-massage-parlor-cli…
Hackers reportedly breach developer involved with Russia’s military draft database https://therecord.media/hackers-reportedly-breach-developer-involved-in-russian-military-database
Before you head out for the weekend, check out today's Metacurity for the most critical infosec developments you should know, including
--Chinese state hackers used Anthropic to automate cyber intrusions,
--UK MoD knew of Excel's security risks before Afghan data leak,
--NHS investigates Clop's attack claims,
--ASUS patches DSL router critical flaws,
--DoorDash reveals October security incident,
--US feds warn of Akira's expanded encryption …
The week's cyber news is really heating up so check out today's Metacurity for the most crucial infosec developments you should know, including
--Two cyber pros became cybercriminals to launch a ransomware campaign,
--Hackers infiltrated trucking and freight companies,
--Lawmakers probe Flock Safety insecurities,
--SK Telecom advised to pay $208 per hacking victim,
--Hackers stole 50K CCTV clips using admin123 password,
--AN0M phone snags 55 more vi…
Chinese state hackers used Anthropic AI systems in dozens of attacks https://therecord.media/chinese-hackers-anthropic-cyberattacks
"Cody Kociemba, the developer behind the Hack/House project, has taken it upon himself to maintain these aging devices. The solution is called "No Longer Evil," or “NLE” for short. It's an open-source project designed to give decommissioned Nest Thermostats a second life."
ht…
"The effort focused on dozens of targets and involved a level of automation that Anthropic’s cybersecurity investigators had not previously seen"
Chinese Hackers Used Anthropic’s AI to Automate Cyberattacks
https://www.wsj.com/tech/ai/china-hackers-
You don't want to miss today's Metacurity for a surprising number of critical infosec developments you might have missed over the weekend, including
--Pro-Hamas hackers stole plans for Australia's next-gen infantry fighting vehicles,
--Australia, UK, Denmark and Norway raise security concerns about Chinese buses,
--CISA 2015 will extend once US government shutdown ends,
--Chinese cyber company with close ties to Beijing suffered massive hack,
--New NS…
https://www.koreaherald.com/article/10612803
NK hackers hijack Google, KakaoTalk accounts to control phones: report
"The spying operation is alleged to have targeted close aides of Boris Johnson, Liz Truss and Rishi Sunak over the course of three years"
Check out today's Metacurity for the critical infosec developments you might have missed over the weekend, including
--Black Basta suspects’ homes raided; gang leader added to most-wanted list,
--Jordanian national pleads guilty to access broker charges,
--Acting head of CISA was blocked by colleagues from removing CIO,
--Iranian campaign sought to steal Gmail and other account credentials,
--Man pleads guilty to hacking US S.Ct.,
--DPRK hackers impersona…
In a cyberattack on waste processing company Omrin, the Russian threat group Qilin gained access to the citizen service numbers (BSNs), names, and addresses of all residents of Schiermonnikoog.
https://www.nu.nl/tweakers/6374…
Before you head out for the weekend, check out today's Metacurity for the most critical infosec developments you should know, including
--Trump officials might boycott RSAC citing Easterly's CEO position,
--Grubhub confirms data breach,
--China's UAT-8837 breached CIC orgs in N. America,
--Hackers exploit top severity flaw in Modular DS WordPress plugin,
--Flaw in AMD CPUs exposes secure virtualization environment,
--Gemini 'personal intelli…
With so much going on in the world, check out today's Metacurity for a one-stop run-down of the critical infosec developments you should know, including
--Microsoft took down massive cybercrime platform RedVDS,
--Google's Fast Pair protocol enables hackers to connect with audio accessories,
--Shipping-related firm Bluspark Global patched a raft of flaws,
--Kimwolf botnet may have hit its maximum potential,
--CNIL fined French mobile companies for data bre…
So much happened over the weekend, so check out today's Metacurity for the most critical infosec developments you might have missed, including
--Hackers who stole trove of sensitive UPenn data deride 'dog**** elitist institution',
--LLM giants are trying to stop indirect prompt injection attacks,
--Oz government warns of Cisco IOS XE flaws,
--Polish authorities probe cyberattack on online loan platform,
--Chinese President Xi Jinping joked about smar…
Every day is a big cyber news day, so don't miss today's Metacurity for the most critical infosec developments you should know, including
--Twin brother hackers arrested for US government hacking, data destruction spree,
--GRU cyber ops sanctioned into Skripal poisoning inquiry,
--Defenders scramble to patch React Server Components' critical flaws,
--AI agents match human attackers in smart contract exploits,
--AZ Atty. General sues Temu for customer …
I don't know why, given all the important institutions that hackers attack -- hospitals, schools, daycare centers -- but it really bothers me when they do things like this. It seems gratuitous somehow.
Cyberattack on the Dresden State Art Collections
https://artdependence.com/…
Each week, Metacurity offers our free and premium subscribers a weekly digest of the best long-form (and longish) infosec-related pieces we couldn't properly fit into our daily news crush.
This week's selection includes,
--A journalist's talks with an Iranian hacking leader ended with murder,
--Hackers attacked Aeroflot's still-insecure infrastructure,
--The war on disinformation has been dismantled,
--Trump's DOJ uses Americans' own data …
Planning applications in one of London’s wealthiest boroughs have ground to a halt as a result of a cyberattack before Christmas, leaving residents and businesses in limbo.