China's Webworm Uses Discord, Microsoft Graphs to Hack EU Governments
The advanced persistent threat group also relied on SOCKS proxies like SoftEther VPN, tunneling tools that act as a middleman between victim and attacker.
Stay informed on the latest hacking trends, threats, and prevention strategies in cyber security with insightful articles and updates.
Search across headline titles and summaries.
Background for this topic.
Hacking is the use of technical methods to access, alter, disrupt, or examine computer systems and data, either with authorization or without it. In security reporting, the term usually covers unauthorized exploitation of software flaws, exposed services, weak credentials, misconfigurations, and sometimes human trust through phishing or other social engineering.
Its security significance depends on the attacker’s access and objective: a compromised internet-facing system may enable data theft, unauthorized changes, or movement into other systems, while a benign penetration test can reveal the same weaknesses before they are abused. Defenders reduce exposure through timely vulnerability management, secure configuration, strong authentication, network and endpoint monitoring, and tested incident-response procedures. Useful reporting distinguishes confirmed compromise from attempted or suspected activity and identifies the exploited entry point, affected assets, and whether access was contained.
Weekly headline count for the current query.
The advanced persistent threat group also relied on SOCKS proxies like SoftEther VPN, tunneling tools that act as a middleman between victim and attacker.
A Taiwanese student experimenting with software-defined radio technology shut down three bullet trains for nearly an hour, leading to an anti-terrorism response.
In the latest evolution of automated cyberattacks, threat actors heavily leveraged AI agents to support campaigns against entities in Mexico and Brazil.
More than a decade since the 2015 Jeep hack, the cybersecurity of vehicles remains of the utmost importance.
Iran has been hacking IP cameras to plan missile strikes against its enemies, and mounting other attacks on physical assets, showing how cyber and kinetic warfare are fast becoming one and the same.
After two years of finding flaws in AI infrastructure, two Wiz researchers advise security pros to worry less about prompt injection and more about vulnerabilities.
Advanced persistent threat (APT) groups have deployed new cyber weapons against a variety of targets, highlighting the increasing threats to the region.
Security researchers exploited dozens of vulnerabilities in vehicle infotainment systems and EV chargers during the latest Pwn2Own contest at Automotive World 2026.
A spear-phishing campaign tied to the Democratic People's Republic of Korea (DPRK) uses trusted Microsoft infrastructure to avoid detection.
A new security framework responds to a shift in attackers' tactics, one that allows them to infiltrate enterprises 'silently' through their own policies.
While investigating the cyberattacks, researchers uncovered a new spyware product from Memento Labs, the successor to the infamous Hacking Team.
The Russia-backed threat actor's latest cyber spying campaign is a classic example of how quickly sophisticated hacking groups can pivot when exposed.
Though the groups have shared their decision to go dark, threat researchers say there are signs that it's business as usual.
The notorious Russian state-sponsored hacking unit, also known as Fancy Bear, is abusing Microsoft Outlook for covert data exfiltration.
CVE-2025-43300 is the latest zero-day bug used in cyberattacks against "targeted individuals," which could signify spyware or nation-state hacking.
At one point, Al-Tahery Al-Mashriky was hacking thousands of websites within the span of three months while stealing personal data and sensitive information.
Microsoft has called the hacker collective one of the most dangerous current cyberthreats.
A string of threat-actor OpSec failures have yielded unexpected windfalls for security researchers and defenders.
The loosely affiliated hacking group has shifted closer to ransomware gangs, raising questions about Scattered Spider's ties to the Russian cybercrime underground.
Scattered Spider and other phishers and hacking groups are using rentable subdomains from dynamic DNS providers to obfuscate their activity and impersonate well-known brands.