4 posts were published in the last hour 22:55 : IT Security News Daily Summary 2025-12-01 22:31 : Operation Hanoi Thief Attacking IT Professionals with Pseudo-Polyglot Payload to Hide Malware 22:31 : KimJongRAT Attacking Windows Users via Weaponized .hta Files…
IT Security News Daily Summary 2025-12-01
129 posts were published in the last hour 22:31 : Operation Hanoi Thief Attacking IT Professionals with Pseudo-Polyglot Payload to Hide Malware 22:31 : KimJongRAT Attacking Windows Users via Weaponized .hta Files to Steal Logins 22:31 : Chinese Front Companies…
Operation Hanoi Thief Attacking IT Professionals with Pseudo-Polyglot Payload to Hide Malware
A sophisticated cyberespionage campaign dubbed “Operation Hanoi Thief” has surfaced, specifically targeting IT professionals and recruitment teams in Vietnam. Discovered on November 3, 2025, this threat activity employs a complex multi-stage infection chain designed to harvest sensitive browser credentials and…
KimJongRAT Attacking Windows Users via Weaponized .hta Files to Steal Logins
A new remote access trojan dubbed KimJongRAT has surfaced, posing a severe threat to Windows users. This sophisticated malware is believed to be orchestrated by the Kimsuky group, a threat actor with alleged state backing. The campaign typically begins with…
Chinese Front Companies Providing Advanced Steganography Solutions for APT Operations
Advanced steganography techniques are becoming increasingly central to state-sponsored cyber operations. Recent analysis has exposed two Chinese technology companies, BIETA and CIII, that allegedly provide sophisticated steganography solutions to support advanced persistent threat campaigns. These organizations operate as front companies…
Man Sentenced After Running Fake Airport and In-Flight Wi-Fi Networks
A man who ran fake airport and in-flight Wi-Fi networks to steal traveler credentials has been sentenced to over seven years in prison. The post Man Sentenced After Running Fake Airport and In-Flight Wi-Fi Networks appeared first on eSecurity Planet.…
Hackers Registered 2,000+ Fake Holiday-Themed Online Stores to Steal User Payments
With the holiday shopping season kicking into high gear, a massive cybersecurity threat has emerged, putting online shoppers at significant risk. A coordinated campaign has been discovered, involving the registration of over 2,000 fake holiday-themed online stores. These malicious sites…
Shai-hulud 2.0 Turns npm Installs Into a Full Cloud Compromise Path
A new Shai-hulud variant turns trusted npm installs into a stealthy path for cloud-credential theft and supply chain compromise. The post Shai-hulud 2.0 Turns npm Installs Into a Full Cloud Compromise Path appeared first on eSecurity Planet. This article has…
European cops shut down crypto mixing website that helped launder 1.3B euros
Europol announced the seizure of Cryptomixer’s official website, as well as 25 million euros and 12 terabytes of data from the mixer’s service. This article has been indexed from Security News | TechCrunch Read the original article: European cops shut…
Australian man jailed for 7+ years over airport and in-flight Wi-Fi attacks
Australian Michael Clapsis got 7 years and 4 months in prison for Wi-Fi attacks at airports and on flights, stealing sensitive data. Australian man Michael Clapsis (44) was sentenced to 7 years and 4 months in prison for conducting Wi-Fi…
The Dual Role of AI in Cybersecurity: Shield or Weapon?
Artificial intelligence isn’t just another tool in the security stack anymore – it’s changing how software is written, how vulnerabilities spread and how long attackers can sit undetected inside complex environments. Security researcher and startup founder Guy Arazi unpacks why…
The Hidden Calendar Threat Putting 4 Million Apple Devices at Risk
Hijacked calendar subscriptions are emerging as a stealthy new way for attackers to push phishing and malware directly onto devices. The post The Hidden Calendar Threat Putting 4 Million Apple Devices at Risk appeared first on eSecurity Planet. This article…
IT Security News Hourly Summary 2025-12-01 21h : 2 posts
2 posts were published in the last hour 19:31 : BreachLock Named a Leader in 2025 GigaOm Radar Report for Penetration Testing as a Service (PTaaS) for Third Consecutive Year 19:31 : Stealthy browser extensions waited years before infecting 4.3M…
BreachLock Named a Leader in 2025 GigaOm Radar Report for Penetration Testing as a Service (PTaaS) for Third Consecutive Year
New York, New York, 1st December 2025, CyberNewsWire This article has been indexed from Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More Read the original article: BreachLock Named a Leader in 2025 GigaOm Radar Report for Penetration…
Stealthy browser extensions waited years before infecting 4.3M Chrome, Edge users with backdoors and spyware
And some are still active in the Microsoft Edge store A seven-year malicious browser extension campaign infected 4.3 million Google Chrome and Microsoft Edge users with malware, including backdoors and spyware sending people’s data to servers in China. And, according…
How to use Core Shell SSH, the PuTTY alternative for macOS
<p>Security and network administration depend on SSH. Administrators, developers and power users rely on the protocol to secure connections to remote servers, IoT devices, network devices and cloud resources. Windows users can use the <a href=”https://www.techtarget.com/searchsecurity/tutorial/How-to-use-PuTTY-for-SSH-key-based-authentication”>PuTTY utility</a> to connect to…
Coupang Breach Exposes Data of Nearly 34 Million Customers
A massive Coupang breach exposed nearly 34 million customers, highlighting insider-risk dangers and gaps in South Korea’s data protections. The post Coupang Breach Exposes Data of Nearly 34 Million Customers appeared first on eSecurity Planet. This article has been indexed…
European cops shut down crypto mixing website that helped launder 1.3 billion euros
Europol announced the seizure of Cryptomixer’s official website, as well as 25 million euros and 12 terabytes of data from the mixer’s service. This article has been indexed from Security News | TechCrunch Read the original article: European cops shut…
Coupang Data Breach Affects All 33.7 Million South Korean Accounts
Coupang confirms a data breach affecting 33.7 million users in South Korea, exposing names, contacts and order details. Investigation is ongoing. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More Read the…
Building an OWASP 2025 Security Scanner in 48 Hours
OWASP dropped its 2025 Top 10 on November 6th with a brand-new category nobody saw coming: “Mishandling of Exceptional Conditions” (A10). I spent a weekend building a scanner to detect these issues and immediately found authentication bypasses in three different…
Coupang Data Breach Exposed Personal Data of 33.7 Million Customers Personal Records
South Korean e-commerce giant Coupang has confirmed a massive security incident affecting approximately 33.7 million customers, nearly the company’s entire user base. The breach, which exposed names, phone numbers, email addresses, shipping addresses, and order histories, has been traced back…
Bloody Wolf Hackers Mimic as Government Agencies to Deploy NetSupport RAT via Weaponized PDF’s
A sophisticated Advanced Persistent Threat group known as Bloody Wolf has intensified its cyber espionage operations across Central Asia, targeting government and private sectors. Since late June 2025, the group has orchestrated spear-phishing campaigns primarily focusing on organizations within Kyrgyzstan…
Microsoft Confirms New Outlook Bug Blocking Excel Attachments
Microsoft has acknowledged a frustrating new issue affecting users of the “new Outlook” for Windows, where Excel attachments fail to open if their filenames contain non-ASCII characters. The technical glitch, tracked under the reference ID EX1189359, triggers a vague error…
TangleCrypt Windows Packer with Ransomware Payloads Evades EDR Using ABYSSWORKER Driver
A newly discovered Windows malware packer named TangleCrypt has emerged as a serious threat in ransomware attacks, specifically designed to evade endpoint detection and response (EDR) solutions. The packer was first observed during a September 2025 ransomware incident involving Qilin…