hackers
Coverage of hackers in the Nexus archive.
- Hackers can use 9 of the most popular AI tools to assemble massive botnets
Hackers can exploit prompt injection vulnerabilities in 9 popular AI tools to create massive botnets. Large language models (LLMs) cannot distinguish between legitimate and malicious commands, allowing attackers to inject harmful instructions into emails or source code. Current 'push' attacks target individuals but are limited in scale due to the need to send injections directly to victims.
- Kubota says hackers had month-long access to network systems
Kubota North America Corporation disclosed that hackers had access to some of its network systems for more than a month earlier this year.
- Anthropic says US lifts export ban on its advanced AI tools
The US has lifted an export ban on Anthropic's advanced AI tools. The company had previously suspended Fable and Mythos in June due to concerns about potential misuse by hackers.
- Polymarket to Refund Users After Scammers Swipe Millions in Website Exploit
Hackers infiltrated Polymarket’s website via a compromised third-party vendor, stealing millions in cryptocurrency from users. The company announced refunds for affected users.
- Australia's security environment degrading, spy chief warns
Australia's security environment is degrading due to threats from autocratic regimes, hackers, and antisemitic extremists, according to the country's spy chief. ASIO Director-General Mike Burgess warned that the current terrorism threat level of 'probable' does not fully reflect the systemic and compounding nature of these threats.
- Tata Electronics confirms cyberattack as hackers leak data
Tata Electronics confirmed a cyberattack that impacted parts of its IT infrastructure, with hackers leaking data. The company made the confirmation in a statement to BleepingComputer.
- Hackers Claim to Leak Stolen Madison Square Garden Data
Hackers have claimed to leak stolen data from Madison Square Garden. Additional updates include San Francisco gay bars implementing face scanners, France ending its relationship with Palantir, and Apple planning changes to its private email system.
- Hackers exploit info disclosure bug in Gravity SMTP WordPress plugin
Hackers are exploiting an unauthenticated information disclosure vulnerability in the Gravity SMTP WordPress plugin, which is active on 100,000 sites. The vulnerability allows threat actors to access sensitive data without authentication.
- The common airport habit that's putting you at risk: Cyber security expert reveals how hackers use airport Wi-Fi to attack unsuspecting passengers… from 'evil twin' hotspots to fake logins
A cyber security expert warns that hackers exploit airport Wi-Fi through 'evil twin' hotspots and fake login pages to target passengers. The article highlights the risks of using unsecured airport networks for unsuspecting travelers.
- Outbreak Kills Over 200; ACIP Investigation Launched; Hackers Demand $75M From Novo
An Ebola outbreak in Congo has led to a 40% increase in cases within a week, with confirmed deaths exceeding 200. The U.S. CDC has activated $107 million in funds, and hackers are demanding $75 million from Novo. An ACIP investigation has been launched regarding the outbreak.
- Canvas Hackers Target Dozens More Colleges
Hackers are targeting dozens of colleges through Canvas, an educational platform. The article highlights the ongoing security threat affecting multiple institutions.
- iRhythm discloses data breach, says hackers stole patient info
Digital healthcare company iRhythm Holdings disclosed a data breach in which hackers stole patients' personal and health information stored on third-party-hosted business applications.
- Phishing Attack Volume Down 20%, but Risk Still Rising
Phishing attack volume has decreased by 20%, but hackers are prioritizing quality over quantity by using AI to enhance their attacks. Despite fewer attempts, the risk remains elevated due to more sophisticated methods.
- In AI blunder, more than 34,000 Instagram accounts became vulnerable
A bug in a Meta customer service tool allowed hackers to use an AI-powered chatbot to reset passwords for over 34,000 Instagram accounts, making them vulnerable.
- Critical UniFi OS bug lets hackers gain root without authentication
A critical bug in Ubiquiti UniFi OS allows hackers to gain root access without authentication by chaining three fixed vulnerabilities. Attackers can execute remote code with elevated privileges through this exploit.
- How your personal data is being sold legally online - and used by hackers to steal millions, report warns
A report warns that personal data is being legally sold online and subsequently exploited by hackers to steal millions. The issue highlights risks of data exposure through legitimate online channels.
- CISA: Hackers now exploit SolarWinds Serv-U flaw to crash servers
CISA warned that hackers are actively exploiting a high-severity SolarWinds Serv-U flaw to crash servers. The vulnerability, recently patched, is being used by attackers to disrupt server operations.
- Hackers Are After the Gaps in Your Vulnerability Program: Here's Their Playbook
Hackers are targeting gaps in vulnerability programs by teaching newcomers to exploit vulnerable systems. Flare analyzes a popular underground tutorial revealing modern attacker workflows.
- Instagram is alerting users who were targeted by hackers during AI chatbot attacks
Instagram is notifying users targeted by hackers in AI chatbot attacks. Hackers accessed victims' accounts despite Meta claiming to have fixed its AI-powered support chatbot.
- Critical Kirki flaw exploited to hijack WordPress admin accounts
Hackers are exploiting a critical privilege escalation vulnerability (CVE-2026-8206) in the Kirki plugin for WordPress to take over any user account, including administrators. The flaw allows unauthorized access to WordPress admin accounts through the Kirki plugin.
- Instagram AI chatbot tricked by hackers to give access to others' accounts
Hackers tricked an Instagram AI chatbot into granting access to other users' accounts. The incident is linked to recent cases of high-profile Instagram accounts being hijacked.
- Instagram AI chatbot tricked by hackers to give access to others' accounts
Hackers exploited an Instagram AI chatbot to gain access to user accounts. The incident is linked to recent hijackings of high-profile Instagram accounts.
- Instagram AI chatbot tricked by hackers to give access to others' accounts
Instagram's AI chatbot was exploited by hackers to grant unauthorized access to other users' accounts. The incident is linked to recent cases of high-profile Instagram accounts being hijacked.
- A chatbot just helped hackers hijack Instagram accounts
Hackers exploited AI support tools to reset Instagram account emails and lock users out of their accounts. A chatbot was used in the process to facilitate unauthorized access.
- Hackers hijacked Instagram accounts by tricking Meta AI support chatbot into granting access
Hackers hijacked Instagram accounts by tricking Meta's AI support chatbot into granting access, as reported by social media users. The incident was attributed to the chatbot allowing unauthorized access.
- Can hackers pull your fingerprints from photos online? Experts explain.
Claims on social media suggest hackers can extract fingerprints from photos showing peace signs. Experts assert that the risk for average individuals is minimal.
- Hackers more focused on misleading voters than ballot tampering: Report
Hackers and foreign influence operators are increasingly using misinformation campaigns to confuse voters rather than tampering with voting systems in the 2026 midterm elections, according to a Check Point Software report. The report highlights phishing, impersonation, and misinformation as primary tactics.
- WP Maps Pro bug exploited to create admin accounts on WordPress sites
Hackers are exploiting a vulnerability in the WP Maps Pro plugin to create unauthorized administrator accounts on WordPress websites. The exploit allows attackers to bypass authentication and gain administrative access.
- Hackers are trying to steal Signal users’ backups in new wave of phishing attacks
Hackers are launching a new phishing campaign targeting Signal users to steal their secret recovery keys, which grant access to online backups containing past messages. The attack aims to trick users into revealing these keys through deceptive tactics.
- Hackers exploit FortiClient EMS flaw to push infostealer malware
Hackers are exploiting an authentication bypass vulnerability (CVE-2026-35616) in FortiClient Enterprise Management Server (EMS) to deliver an undocumented credential stealer called EKZ.
- Iran’s hackers are coordinating more closely: Israeli cyber leader
An Israeli cyber leader reports that Iran’s hackers are coordinating more closely, indicating heightened cyber activity. The statement highlights concerns about increased collaboration among Iranian cyber actors.
- 70% of all crypto wrench attacks happen in France: Report
A report reveals that 70% of all crypto wrench attacks occur in France, with Bitcoiners warning that centralized data collection systems attract hackers and organized criminals targeting cryptocurrency holders and their families.
- Drupal: Critical SQL injection flaw now targeted in attacks
Drupal has issued a critical warning about a severe SQL injection vulnerability that is now being actively exploited by hackers. The flaw was announced earlier this week and poses significant security risks to systems running the platform.
- GitHub says hackers stole data from thousands of internal repositories
GitHub is investigating a breach where hackers stole data from thousands of internal repositories, but there's no evidence of customer data theft. The incident is currently being investigated. GitHub is a code hosting giant.
- Crypto users are choosing juicy yields over protection, putting billions at risk of hacks
Crypto users are prioritizing high yields over security measures, putting billions of dollars at risk of being hacked. This trend is concerning as it leaves sensitive information and large sums of money vulnerable to cyber attacks. The situation underscores the need for robust protection in the crypto space.
- Crypto users are choosing juicy yields over protection, putting billions at risk of hacks
Crypto users are prioritizing high yields over security measures, putting billions of dollars at risk of being hacked. This trend is leading to increased vulnerability in the cryptocurrency market. Users are seeking higher returns despite the potential risks.
- Popular node-ipc npm package compromised to steal credentials
Hackers have compromised the node-ipc npm package by injecting credential-stealing malware into its newly published versions, targeting npm in a supply chain attack. This attack aims to steal credentials from users of the popular inter-process communication package. The incident highlights a significant security risk for users relying on the package.
- Hackers exploit auth bypass flaw in Burst Statistics WordPress plugin
Hackers are exploiting a critical authentication bypass vulnerability in the Burst Statistics WordPress plugin to gain admin-level access to websites. The flaw allows attackers to bypass authentication and take control of vulnerable sites. This vulnerability poses a significant risk to website security.
- OpenAI says hackers stole some data after latest code security issue
Hackers stole some data from OpenAI after a code security issue, but the damage was limited to employees' devices and did not affect user data or production systems. OpenAI's intellectual property was not stolen. The incident had limited impact.
- The war between businesses and hackers enters a perilous new era
The war between businesses and hackers has entered a new era with AI agents presenting novel dangers, increasing the complexity of cyber attacks. This development poses significant threats to business security. The use of AI in hacking is becoming more prevalent.