hackers

  • Blog
    digitpatrox2 days ago
    29

    Hackers retain access to patched FortiGate VPNs using symlinks

    Fortinet warns that threat actors use a post-exploitation technique that helps them maintain read-only access to previously compromised FortiGate VPN devices even after the original attack vector was patched. Earlier this week, Fortinet began sending emails to customers warning that their FortiGate/FortiOS devices were compromised based on telemetry received from FortiGuard devices. These emails were titled “Notification of device compromise…

    Read More »
  • Blog
    digitpatrox3 days ago
    19

    Hackers Stole Health Records From 1.6 Million Planned Parenthood Patients

    Another major data breach has compromised the sensitive health records of more than 1.6 million patients—including minors under 18—who received care at Planned Parenthood in more than 30 states. Laboratory Services Cooperative (LSC), which provides lab testing services to reproductive health clinics across the U.S., is notifying individuals who may have been affected by a security incident that took place…

    Read More »
  • Blog
    digitpatrox3 days ago
    27

    ‘Phishing kits are a force multiplier’: Cheap cyber crime kits can be bought on the dark web for less than $25 – and experts warn it’s lowering the barrier of entry for amateur hackers

    While inflation is rising around the world, some things are getting cheaper – and one is the cost of launching a phishing attack. Phishing kits are now widely available on the dark web and via messaging apps like Telegram, and are often selling for less than $25. This means that even criminals with minimal tech skills can easily steal personal…

    Read More »
  • Blog
    digitpatrox4 days ago
    20

    Hackers exploit WordPress plugin auth bypass hours after disclosure

    Hackers started exploiting a high-severity flaw that allows bypassing authentication in the OttoKit (formerly SureTriggers) plugin for WordPress just hours after public disclosure. Users are strongly recommended to upgrade to the latest version of OttoKit/SureTriggers, currently 1.0.79, released at the beginning of the month. The OttoKit WordPress plugin allows users to connect plugins and external tools like WooCommerce, Mailchimp, and Google Sheets,…

    Read More »
  • Blog
    digitpatrox4 days ago
    27

    Russian hackers attack Western military mission using malicious drive

    The Russian state-backed hacking group Gamaredon (aka “Shuckworm”) has been targeting a military mission of a Western country in Ukraine in attacks likely deployed from removable drives. Symantec threat researchers say the campaign started in February 2025 and continued until March, with hackers deploying an updated version of the GammaSteel info-stealing malware to exfiltrate data. According to the report, initial access to…

    Read More »
  • Blog
    digitpatrox5 days ago
    22

    Critical FortiSwitch flaw lets hackers change admin passwords remotely

    Fortinet has released security patches for a critical vulnerability in its FortiSwitch devices that can be exploited to change administrator passwords remotely. The company says Daniel Rozeboom of the FortiSwitch web UI development team discovered the vulnerability (CVE-2024-48887) internally. Unauthenticated attackers can exploit this unverified FortiSwitch GUI password change security flaw (rated with a 9.8/10 severity score) in low-complexity attacks…

    Read More »
  • Blog
    digitpatrox6 days ago
    24

    Hackers lurked in Treasury OCC’s systems since June 2023 breach

    Unknown attackers who breached the Treasury’s Office of the Comptroller of the Currency (OCC) in June 2023 gained access to over 150,000 emails, according to anonymous sources familiar with the matter. The OCC is an independent bureau of the U.S. Department of the Treasury that oversees banks and federal savings associations and ensures they comply with applicable laws and regulations,…

    Read More »
  • Blog
    digitpatrox7 days ago
    33

    Google’s Sec-Gemini v1 Takes on Hackers & Outperforms Rivals by 11%

    Image: Sundry Photography/Adobe Stock In a bid to tilt the cybersecurity battlefield in favor of defenders, Google has introduced Sec-Gemini v1, a new experimental AI model designed to help security teams identify threats, analyze incidents, and understand vulnerabilities faster and more accurately than before. Announced by the company’s cybersecurity research leads, Elie Burzstein and Marianna Tishchenko, Sec-Gemini v1 is the…

    Read More »
  • Blog
    digitpatrox1 week ago
    30

    Hackers are targeting Ivanti VPN users again – here’s what you need to know

    Ivanti has re-patched a security flaw in its Connect Secure VPN appliances that’s been exploited by a China-linked espionage group since at least the middle of March. Tracked as CVE-2025-22457, the critical severity vulnerability impacts Ivanti Connect Secure (versions 22.7R2.5 and earlier), Pulse Connect Secure (versions 9.1R18.9 and prior, which reached end-of-support at the end of last year), Ivanti Policy…

    Read More »
  • Blog
    digitpatrox1 week ago
    71

    North Korean Hackers Disguised as IT Workers Targeting UK, European Companies

    Image: DC_Studio/Envato North Korean hackers who disguise themselves as IT workers are applying for work in the U.K., according to Google Threat Intelligence Group. Success in the U.S. is declining due to rising awareness of their tactics, indictments, and right-to-work verification challenges, prompting them to turn elsewhere. The attackers pose as legitimate remote workers, looking to generate revenue, access sensitive…

    Read More »
Load More
Back to top button
close