Bybit Hack Drains $1.5 Billion From Cryptocurrency Exchange
Sat, 22 Feb 2025 15:32:40 +0000
Over 400,000 ETH and stETH worth more than $1.5 billion were stolen from the Bybit cryptocurrency exchange.
The post Bybit Hack Drains $1.5 Billion From Cryptocurrency Exchange appeared first on SecurityWeek.
https://www.securityweek.com/bybit-hack-drains-1-5-billion-from-cryptocurrency-exchange/
Bybit Confirms Record-Breaking $1.46 Billion Crypto Heist in Sophisticated Cold Wallet Attack
Sat, 22 Feb 2025 12:29:00 +0530
Cryptocurrency exchange Bybit on Friday revealed that a “sophisticated” attack led to the theft of over $1.46 billion worth of cryptocurrency from one of its Ethereum cold (offline) wallets, making it the largest ever single crypto heist in history.
“The incident occurred when our ETH multisig cold wallet executed a transfer to our warm wallet. Unfortunately, this transaction was manipulated
https://thehackernews.com/2025/02/bybit-confirms-record-breaking-146.html
OpenAI Bans Accounts Misusing ChatGPT for Surveillance and Influence Campaigns
Sat, 22 Feb 2025 10:47:00 +0530
OpenAI on Friday revealed that it banned a set of accounts that used its ChatGPT tool to develop a suspected artificial intelligence (AI)-powered surveillance tool.
The social media listening tool is said to likely originate from China and is powered by one of Meta’s Llama models, with the accounts in question using the AI company’s models to generate detailed descriptions and analyze documents
https://thehackernews.com/2025/02/openai-bans-accounts-misusing-chatgpt.html
Apple Drops iCloud’s Advanced Data Protection in the U.K. Amid Encryption Backdoor Demands
Fri, 21 Feb 2025 21:45:00 +0530
Apple is removing its Advanced Data Protection (ADP) feature for iCloud from the United Kingdom with immediate effect following government demands for backdoor access to encrypted user data.
The development was first reported by Bloomberg.
ADP for iCloud is an optional setting that ensures that users’ trusted devices retain sole access to the encryption keys used to unlock data stored in its
https://thehackernews.com/2025/02/apple-drops-iclouds-advanced-data.html
Data Leak Exposes TopSec’s Role in China’s Censorship-as-a-Service Operations
Fri, 21 Feb 2025 21:36:00 +0530
An analysis of a data leak from a Chinese cybersecurity company TopSec has revealed that it likely offers censorship-as-a-service solutions to prospective customers, including a state-owned enterprise in the country.
Founded in 1995, TopSec ostensibly offers services such as Endpoint Detection and Response (EDR) and vulnerability scanning. But it’s also providing “boutique” solutions in order
https://thehackernews.com/2025/02/data-leak-exposes-topsecs-role-in.html
Freelance Software Developers in North Korean Malware Crosshairs
Fri, 21 Feb 2025 15:58:20 +0000
ESET says hundreds of freelance software developers have fallen victim to North Korean hackers posing as recruiters.
https://www.securityweek.com/freelance-software-developers-in-north-korean-malware-crosshairs/
Apple Pulls Advanced Data Protection for New UK Users Amid Backdoor Demand
Fri, 21 Feb 2025 15:56:04 +0000
Apple says it can no longer offer end-to-end encrypted cloud backups in the UK and insists it will never build a backdoor or master key.
https://www.securityweek.com/apple-pulls-advanced-data-protection-for-new-uk-users-amid-backdoor-demand/
Cisco Details ‘Salt Typhoon’ Network Hopping, Credential Theft Tactics
Fri, 21 Feb 2025 14:54:13 +0000
Cisco Talos observed Chinese hackers pivoting from a compromised device operated by one telecom to target a device in another telecom.
https://www.securityweek.com/cisco-details-salt-typhoon-network-hopping-credential-theft-tactics/
In Other News: Black Basta Chats Leaked, New SEC Cyber Unit, DOGE Site Hacked
Fri, 21 Feb 2025 13:35:32 +0000
Noteworthy stories that might have slipped under the radar: Black Basta ransomware chat logs leaked, SEC launches new cyber unit, DOGE website hacked.
https://www.securityweek.com/in-other-news-black-basta-chats-leaked-new-sec-cyber-unit-doge-site-hacked/
Vulnerabilities in MongoDB Library Allow RCE on Node.js Servers
Fri, 21 Feb 2025 13:07:40 +0000
OPSWAT details two critical vulnerabilities in the Mongoose ODM library for MongoDB leading to remote code execution on the Node.js server.
https://www.securityweek.com/vulnerabilities-in-mongodb-library-allow-rce-on-node-js-servers/
Cybercriminals Can Now Clone Any Brand’s Site in Minutes Using Darcula PhaaS v3
Fri, 21 Feb 2025 18:33:00 +0530
The threat actors behind the Darcula phishing-as-a-service (PhaaS) platform appear to be readying a new version that allows prospective customers and cyber crooks to clone any brand’s legitimate website and create a phishing version, further bringing down the technical expertise required to pull off phishing attacks at scale.
The latest iteration of the phishing suite “represents a significant
https://thehackernews.com/2025/02/cybercriminals-can-now-clone-any-brands.html
How China Pinned University Cyberattacks on NSA Hackers
Fri, 21 Feb 2025 12:26:17 +0000
A researcher dives into Chinese reports attributing cyberattacks on Northwestern Polytechnical University to the NSA’s TAO division.
https://www.securityweek.com/how-china-pinned-university-cyberattacks-on-nsa-hackers/
CISA Warns of Attacks Exploiting Craft CMS Vulnerability
Fri, 21 Feb 2025 11:44:27 +0000
CISA has added a Craft CMS flaw tracked as CVE-2025-23209 to its Known Exploited Vulnerabilities (KEV) catalog.
https://www.securityweek.com/cisa-warns-of-attacks-exploiting-craft-cms-vulnerability/
Webinar: Learn How to Identify High-Risk Identity Gaps and Slash Security Debt in 2025
Fri, 21 Feb 2025 17:10:00 +0530
In today’s rapidly evolving digital landscape, weak identity security isn’t just a flaw—it’s a major risk that can expose your business to breaches and costly downtime.
Many organizations are overwhelmed by an excess of user identities and aging systems, making them vulnerable to attacks. Without a strategic plan, these security gaps can quickly turn into expensive liabilities.
Join us for ”
https://thehackernews.com/2025/02/webinar-learn-how-to-identify-high-risk.html
Second Recently Patched Flaw Exploited to Hack Palo Alto Firewalls
Fri, 21 Feb 2025 11:01:00 +0000
Palo Alto Networks is warning customers that a second vulnerability patched in February is being exploited in attacks.
https://www.securityweek.com/second-recently-patched-flaw-exploited-to-hack-palo-alto-firewalls/
AI-Powered Deception is a Menace to Our Societies
Fri, 21 Feb 2025 16:30:00 +0530
Wherever there’s been conflict in the world, propaganda has never been far away. Travel back in time to 515 BC and read the Behistun Inscription, an autobiography by Persian King Darius that discusses his rise to power. More recently, see how different newspapers report on wars, where it’s said, ‘The first casualty is the truth.’
While these forms of communication
https://thehackernews.com/2025/02/ai-powered-deception-is-menace-to-our.html
Cisco Confirms Salt Typhoon Exploited CVE-2018-0171 to Target U.S. Telecom Networks
Fri, 21 Feb 2025 13:08:00 +0530
Cisco has confirmed that a Chinese threat actor known as Salt Typhoon gained access by likely abusing a known security flaw tracked as CVE-2018-0171, and by obtaining legitimate victim login credentials as part of a targeted campaign aimed at major U.S. telecommunications companies.
“The threat actor then demonstrated their ability to persist in target environments across equipment from multiple
https://thehackernews.com/2025/02/cisco-confirms-salt-typhoon-exploited.html
CISA Flags Craft CMS Vulnerability CVE-2025-23209 Amid Active Attacks
Fri, 21 Feb 2025 12:56:00 +0530
A high-severity security flaw impacting the Craft content management system (CMS) has been added by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The vulnerability in question is CVE-2025-23209 (CVSS score: 8.1), which impacts Craft CMS versions 4 and 5. It was addressed by the
https://thehackernews.com/2025/02/cisa-flags-craft-cms-vulnerability-cve.html
Chinese APT Tools Found in Ransomware Schemes, Blurring Attribution Lines
Thu, 20 Feb 2025 17:04:09 +0000
China-linked cyberespionage toolkits are popping up in ransomware attacks, forcing defenders to rethink how they combat state-backed hackers.
https://www.securityweek.com/chinese-apt-tools-found-in-ransomware-schemes-blurring-attribution-lines/
North Korean Hackers Target Freelance Developers in Job Scam to Deploy Malware
Thu, 20 Feb 2025 19:07:00 +0530
Freelance software developers are the target of an ongoing campaign that leverages job interview-themed lures to deliver cross-platform malware families known as BeaverTail and InvisibleFerret.
The activity, linked to North Korea, has been codenamed DeceptiveDevelopment, which overlaps with clusters tracked under the names Contagious Interview (aka CL-STA-0240), DEV#POPPER, Famous Chollima,
https://thehackernews.com/2025/02/north-korean-hackers-target-freelance.html