Trump administration to spend $1 billion on ‘offensive’ hacking operations

The Trump administration, through the Department of Defense, plans to spend $1 billion over the next four years on what it calls “offensive cyber operations.” The provision in Trump’s landmark One Big Beautiful Bill does not say what those “offensive Read More …

Bluetooth security flaws could affect thousands of Mercedes, Volkswagen, Skoda cars

Security researchers have discovered four vulnerabilities in the BlueSDK Bluetooth stack which could be chained together for remote code execution (RCE) attacks. This stack is used by multiple vendors across different industries – including car manufacturing giants Mercedes, Volkswagen, and Read More …

GoldMelody’s Hidden Chords: Initial Access Broker In-Memory IIS Modules Revealed

Unit 42 researchers uncovered a campaign by an initial access broker (IAB) to exploit leaked Machine Keys — cryptographic keys used on ASP.NET sites — to gain access to targeted organizations. IABs breach organizations and then sell that access to Read More …

Taking SHELLTER: a commercial evasion framework abused in the wild

Elastic Security Labs is observing multiple campaigns that appear to be leveraging the commercial AV/EDR evasion framework, SHELLTER, to load malware. SHELLTER is marketed to the offensive security industry for sanctioned security evaluations, enabling red team operators to more effectively Read More …

Iran-linked hackers threaten to release Trump aides’ emails

Iran-linked hackers have threatened to disclose more emails stolen from U.S. President Donald Trump’s circle, after distributing a prior batch to the media ahead of the 2024 U.S. election. In online chats with Reuters on Sunday and Monday, the hackers, Read More …

Hackers hijacked hundreds of devices in an outlandish intel campaign aimed at US and Asian targets

A recently disclosed cyber espionage operation, dubbed LapDogs, has drawn scrutiny following revelations from SecurityScorecard’s Strike Team. The operation, believed to be conducted by China-aligned threat actors, has quietly infiltrated over 1,000 devices across the United States, Japan, South Korea, Read More …

Hackers steal and destroy millions from Iran’s largest crypto exchange

Iran’s largest crypto exchange, Nobitex, said Wednesday that it was hacked and funds have been drained from its hot wallet. In a statement on its website translated by TechCrunch, Nobitex said it detected unauthorized access to its infrastructure and hot Read More …

U.S. companies brace for Israel-Iran cyber spillover

As Israel and Iran exchange airstrikes, cybersecurity experts are warning that a quieter, but still destructive, digital conflict is unfolding behind the scenes. And U.S. companies could soon find themselves in the blast radius. Iran and Israel are home to Read More …

Innovative Tunnelling and Forensic Tool Abuse: IR Tales from the Field

Rapid7’s Incident Response (IR) team was engaged to investigate an incident involving an attempted Cobalt Strike execution. The investigation uncovered twists and turns with pre-ransomware activities, tunneling tools, and attackers taking a page out of the defender’s playbook. The attacker Read More …

Hackers take aim at Washington Post journalists in an apparent ‘targeted’ cyberattack

Hackers have tried to break into the email accounts of a select number of Washington Post journalists, according to an internal Washington Post memo obtained by CNN. The Post discovered the “possible targeted” hack of its email system last Thursday, Read More …