IT Security Newsletter

IT Security Newsletter - 11/6/2025

Written by Cadre | Thu, Nov 6, 2025

University of Pennsylvania confirms data stolen in cyberattack

The University of Pennsylvania has confirmed that a hacker breached numerous internal systems related to the university's development and alumni activities and stole data in a cyberattack. In a new statement, Penn confirmed BleepingComputer's reporting that the hackers breached its systems using compromised credentials, stating they were stolen in a social engineering attack. On October 31, Penn discovered that a select group of information systems had been compromised.

SonicWall fingers state-backed cyber crew for September firewall breach

SonicWall has blamed an unnamed, state-sponsored collective for the September break-in that saw cybercriminals rifle through a cache of firewall configuration backups. The network security vendor said it spotted "suspicious activity" in early September involving the unauthorized downloading of backup firewall configuration files. The company initially said that "fewer than 5 percent" of its firewall installed base had files accessed, but later admitted that "all customers" were affected.

Automotive IT Firm Hyundai AutoEver Discloses Data Breach

The North American arm of South Korea-based automotive IT services firm Hyundai AutoEver has disclosed a data breach resulting from a hacker attack that targeted the company earlier this year. Hyundai AutoEver is the in-house IT and software company for the Hyundai Motor Group, which owns the Hyundai, Kia and Genesis car brands. Hyundai AutoEver employs more than 6,000 people worldwide.

Russia-linked hackers intensify attacks as global APT activity shifts

State-aligned hacking groups have spent the past six months ramping up espionage, sabotage, and cybercrime campaigns across multiple regions, according to ESET's APT Activity Report covering April through September 2025. The research highlights how operations linked to Russia, China, Iran, and North Korea have evolved in scope and technique, showing that nation-state activity remains a constant source of disruption.

Cloudflare Scrubs Aisuru Botnet from Top Domains List

For the past week, domains associated with the massive Aisuru botnet have repeatedly usurped Amazon, Apple, Google and Microsoft in Cloudflare's public ranking of the most frequently requested websites. Cloudflare responded by redacting Aisuru domain names from their top websites list. The chief executive at Cloudflare says Aisuru's overlords are using the botnet to boost their malicious domain rankings, while simultaneously attacking the company's domain name system (DNS) service.

Nevada Ransomware Attack Started Months Before It Was Discovered, Per Report

State workers were put on paid administrative leave. Nevada residents couldn't receive their driver's licenses. Employers were unable to conduct background checks on new hires. These were all effects of a massive cyberattack in Nevada that took nearly a month to fully restore its services. The ransomware attack - though discovered in August - occurred as early as May when a state employee mistakenly downloaded malicious software, and cost at least $1.5 million to recover.

Gootloader malware is back with new tricks after 7-month break

The Gootloader malware loader operation has returned after a 7-month absence and is once again performing SEO poisoning to promote fake websites that distribute the malware. Gootloader is a JavaScript-based malware loader spread through compromised or attacker-controlled websites, used to trick users into downloading malicious documents. The websites are promoted in search engines either via ads or through search engine optimization (SEO) poisoning.

Cyberattacks on UK water systems reveal rising risks to critical infrastructure

Digital intruders have been targeting UK drinking water systems in what seems to be a growing risk. Recorded Future News sent a request to the UK's Drinking Water Inspectorate (DWI), the organization responsible for ensuring that drinking water is safe, for details on cyberattacks affecting the country's water system. Using freedom of information laws, the site discovered five incidents that had taken place since January 1, 2024.

5 AI-developed malware families analyzed by Google fail to work and are easily detected

Google on Wednesday revealed five recent malware samples that were built using generative AI. The end results of each one were far below par with professional malware development, a finding that shows that vibe coding of malicious wares lags behind more traditional forms of development and, thus, still has a long way to go before it poses a real-world threat. Another malware expert agreed that Google's report did not indicate that generative AI is giving developers of malicious wares a leg up.

Hackers targeting Cisco IOS XE devices with BadCandy implant

A critical vulnerability in Cisco IOS XE is being exploited to install an implant called BadCandy in a renewed wave of attacks, according to warnings from Australian government authorities and multiple security researchers. State-linked and criminal hackers have been abusing the vulnerability, tracked as CVE-2023-20198, to install BadCandy in targeted systems since 2023, and have periodically renewed those attacks in waves.

Multiple ChatGPT Security Bugs Allow Rampant Data Theft

In yet another "Your chatbot may be leaking" moment, researchers have uncovered multiple weaknesses in OpenAI's ChatGPT that could allow an attacker to exfiltrate private information from a user's chat history and stored memories. The issues - seven of them in total - stem largely from how ChatGPT and its helper model, SearchGPT, behave when browsing or searching the Web in response to user queries, whether looking up information, summarizing pages, or opening URLs.

  • ...in 1860, Abraham Lincoln is elected as the 16th president of the United States.
  • ...in 1917, Bolsheviks led by Vladimir Lenin launch a nearly bloodless coup d'état against Russia's ineffectual Provisional Government.
  • ...in 1947, "Meet the Press" debuts on NBC. It continues to hold the record as the longest-running television program in history.
  • ...in 1958, comedian and puppeteer Trace Beaulieu, best known as Crow T. Robot and the evil Dr. Forrester on "Mystery Science Theater 3000", is born in Minneapolis, MN.