Neowin News Feed for: Hackers

Hackers are selling a Windows exploit for $220,000 on the dark web

Ivan Jenic — Tue, 10 Mar 2026 01:32:01 +0000

A Windows exploit that grants system-level access to attackers is currently up for sale on the dark web for $220,000. Read more...

Hackers exploited SharePoint to steal credentials from multiple energy companies

Ivan Jenic — Fri, 23 Jan 2026 20:16:01 +0000

Microsoft uncovered how attackers bypassed security measures and stayed hidden inside compromised mailboxes for days. Read more...

Palo Alto Networks confirms breach involving customer info and support records

David Uzondu — Tue, 02 Sep 2025 17:16:01 +0000

Last month's Salesloft-Drift breach hit major firms, including Google and Palo Alto Networks. We're now learning the full extent of the fallout, with attackers gaining access to customer data. Read more...

How Star Blizzard tried to hack the WhatsApp accounts of government and diplomatic staff

Paul Hill — Fri, 17 Jan 2025 08:32:02 +0000

Microsoft has outlined a phishing scam used by the Russian hacking group Star Blizzard to get into the WhatsApp accounts of US government and diplomatic staff. Read more...

US identifies 9th telecom hacked by China-based group Salt Typhoon

Ramat Adetunji — Sat, 28 Dec 2024 18:20:01 +0000

A ninth U.S. telecom has fallen victim to Salt Typhoon, a cyberespionage campaign allegedly tied to China. The breach highlights serious vulnerabilities. Read more...

Cyberhaven Chrome extension targeted by hack, company admits

Paul Hill — Sat, 28 Dec 2024 08:14:01 +0000

Cyberhaven has admitted that its Chrome extension was compromised for a short period after December 24 as part of a wider attack on various Chrome extensions. Read more...

Following Salt Typhoon, FCC targets US telecom security gaps with new regulatory proposal

Ramat Adetunji — Fri, 06 Dec 2024 12:28:02 +0000

The FCC proposes new rules to strengthen US telecom cybersecurity, following recent cyberattacks and espionage concerns. Read more...

FBI confirms Chinese hackers breached US telecom giants for wiretap data theft

David Uzondu — Thu, 14 Nov 2024 14:46:01 +0000

Hackers had been lurking undetected, and the FBI confirms they've breached systems critical to national security. Read more...

The Internet Archive site (Wayback Machine) is back online after its recent hacker attack

John Callaham — Tue, 22 Oct 2024 14:12:01 +0000

The main Internet Archive website is back online after hackers breached the site earlier this month and stole personal information from its servers Read more...

Meta says it blocked some WhatsApp accounts that were being used by Iran-based actors

John Callaham — Sun, 25 Aug 2024 03:06:01 +0000

Meta announced late on Friday that it had blocked some WhatsApp accounts that it says were being used by Iran-based malicious state actors Read more...

Phishing attack uses fake donation websites to steal crypto from Trump voters

Martin Hodás — Wed, 31 Jul 2024 16:00:01 +0000

An ongoing phishing campaign targets Donald Trump supporters. It uses fake donation websites; however, the fact that it only accepts payments in crypto means its impact is limited. Read more...

Google Workspace security flaw exposed thousands of accounts to hackers

Pradeep Viswanathan — Sun, 28 Jul 2024 18:04:01 +0000

Google discovered and fixed a security vulnerability in its Workspace account creation process that allowed hackers to bypass email verification and create unauthorized accounts for any domain. Read more...

Fake CrowdStrike manual delivers malware, not recovery

Pradeep Viswanathan — Tue, 23 Jul 2024 15:16:01 +0000

Cybercriminals are exploiting the recent faulty CrowdStrike update outage using a fake Microsoft recovery manual Word document to deliver a stealer malware which is now tracked as Daolpu. Read more...

Cybercriminals exploit CrowdStrike chaos to spread Crowdstrike-hotfix.zip malware

Pradeep Viswanathan — Sun, 21 Jul 2024 16:57:36 +0000

While CrowdStrike and Microsoft provided fixes, cybercriminals exploited the situation by spreading malware disguised as a hotfix and launching phishing campaigns targeting CrowdStrike customers. Read more...

Nearly all AT&T cellular customers affected by massive data theft. Here is what you can do

Martin Hodás — Fri, 12 Jul 2024 16:02:01 +0000

The company cooperates with the authorities to investigate the massive security breach. Data was stolen from a third-party cloud platform, and at least one person was already apprehended. Read more...

Microsoft reveals even more emails to customers were accessed by Russia-based hackers

John Callaham — Fri, 28 Jun 2024 13:24:01 +0000

Microsoft has confirmed that it has informed more of its customers that emails they sent to Microsoft's corporate employees were accessed by Russia-based hackers earlier this year. Read more...

For years, fake remote IT workers in U.S. companies were earning millions for North Korea

Martin Hodás — Sun, 19 May 2024 07:28:01 +0000

A fraudulent scheme benefiting the North Korean government used laptop farms and stolen identities to trick hundreds of US companies into unknowingly paying millions to North Korean remote IT workers. Read more...

Microsoft officially says it is "making security our top priority" from now on

John Callaham — Fri, 03 May 2024 15:50:01 +0000

Charlie Bell, Microsoft's Executive Vice President for Security, has written a blog post announcing that the company is now "making security our top priority" above all other features. Read more...

Microsoft is reportedly making security improvements its current top priority at the company

John Callaham — Thu, 25 Apr 2024 14:26:01 +0000

A new report claims that after a series of high-profile security breaches at Microsoft, the company is now concentrating on making improvements to its security features and services. Read more...

Microsoft says a Russian hacker group has been exploiting an old Windows Print Spooler issue

John Callaham — Tue, 23 Apr 2024 13:48:01 +0000

Microsoft has announced that a Russian hacker group has been exploiting an old Windows Print Spooler issue for as long as four years in order to "steal credentials in compromised networks." Read more...

GitHub abused to host malware and create download links seemingly affiliated with Microsoft

Martin Hodás — Mon, 22 Apr 2024 13:50:01 +0000

File upload logic in GitHub's comments allows hackers to host malware on the service and abuse trusted developers and companies, such as Microsoft, to create legitimate-looking URLs. Read more...

Beware, cheaters: Malware campaign targets Call of Duty players using third-party apps

Martin Hodás — Fri, 29 Mar 2024 09:08:01 +0000

The ongoing malware campaign targeting gamers steals credentials to various online services. Activision Blizzard is reportedly investigating and trying to help those with affected accounts. Read more...

US DOJ charges seven APT31 hackers, but nabbing them could be a problem

Paul Hill — Tue, 26 Mar 2024 01:26:01 +0000

The US DOJ has unsealed indictments against seven Chinese hackers involved with the APT31 hacking group. The group has targeted US and UK politicians as well as businesses and critics of China. Read more...

Game over: Global sting takes down LockBit cybercriminals

Paul Hill — Tue, 20 Feb 2024 15:40:01 +0000

An international task force has nabbed two actors involved with the LockBit ransomware that has been causing a major headache for companies around the world since 2019. Infrastructure was seized too. Read more...

Ransomware attackers threaten to send SWAT teams to patients of hacked hospitals

Martin Hodás — Sun, 07 Jan 2024 17:28:01 +0000

Losing patients' medical records due to a ransomware attack is a nightmare for hospitals. But the pressure to pay the ransom is even higher when hackers threaten to attack the patients too. Read more...

Microsoft explains how a Chinese hacker group was able to access government email accounts

John Callaham — Thu, 07 Sep 2023 05:08:01 +0000

In a report posted this week, Microsoft stated that a Chinese hacker group was able to get a Microsoft account (MSA) consumer key because a consumer signing system crash in April 2021 exposed the key. Read more...

WinRAR flaw lets hackers steal funds from broker accounts

Anurag Singh — Wed, 23 Aug 2023 11:58:01 +0000

WinRAR, a popular file archiver tool for Windows used by millions of people worldwide, has reportedly been found to have a vulnerability that allows hackers to steal funds from traders. Read more...

TSMC confirms partner affected by LockBit cyberattack, but there is good news

Paul Hill — Fri, 30 Jun 2023 19:46:01 +0000

TSMC has said that it wasn't greatly affected by LockBit malware that hit one of its suppliers. Despite this, hackers have demanded a $70 million ransom, or it will leak info it claims to have. Read more...

The global MOVEit-based cyberattack has exposed the data of millions of US users

John Callaham — Sun, 18 Jun 2023 17:54:01 +0000

Millions of driver's license numbers and more info from the states of Louisiana and Oregon have been reportedly exposed in this cyberattack that used a flaw in the MOVEit file transfer software. Read more...

Several US government agencies were targeted in a global cyberattack

John Callaham — Thu, 15 Jun 2023 21:18:01 +0000

It's not yet clear which US government agencies were hit as part of this cyberattack, nor if they had any files taken as a result. A known hacker group called CL0P is a suspect in some of the attacks. Read more...

You can now update your Gigabyte motherboard BIOS to fix that security backdoor

John Callaham — Tue, 06 Jun 2023 11:14:01 +0000

The new BIOS firmware for Gigabyte's motherboards should help fix an issue that was revealed last week that would have allowed hackers to install malicious software on the affected boards. Read more...

If you have a Gigabyte motherboard in your PC, you might have a secret firmware backdoor

John Callaham — Thu, 01 Jun 2023 11:58:01 +0000

A cybersecurity firm has discovered that a large number of motherboards made by Gigabyte have a previously undisclosed firmware backdoor that could be used by hackers to install malicious software. Read more...

AT&T email users being hacked to steal cryptocurrency

Steve Bennett — Thu, 27 Apr 2023 08:44:01 +0000

Users of AT&T email accounts are facing a wave of hacks by bad actors who are seeking to steal cryptocurrency, by utilising API issues in the service to take control of email addresses. Read more...

Researchers found security flaws in Bing that would have let hackers alter search results

John Callaham — Thu, 30 Mar 2023 14:16:01 +0000

After the flaws were discovered by a security research team, they reported the issues to Microsoft. The company has since released patches and fixes that have closed this serious issue. Read more...

Hackers using tool that downloads inboxes of Gmail, Yahoo, and Microsoft Outlook

Alap Naik Desai — Tue, 23 Aug 2022 22:10:02 +0000

Google's Threat Analysis Group (TAG) has been running tests on a rather simple but effective tool that can download complete inboxes of popular services including Google, Yahoo, and Microsoft Outlook. Read more...

Suspected Lapsus$ hackers rounded up by City of London Police

Paul Hill — Thu, 24 Mar 2022 18:00:02 +0000

A prominent member of the Lapsus$ hacking group has supposedly been identified as a 16-year-old boy; seven of the group's members have also been arrested by the City of London Police. Read more...

Samsung confirms massive hack, claims personal user data has not been stolen

Usama Jawad — Mon, 07 Mar 2022 15:16:01 +0000

Samsung has confirmed a massive data breach that led to its source code and internal data belonging to partners being stolen. It has assured the public that their personal data is safe. Read more...

Meta to nudge more highly targeted people to join Facebook Protect

Paul Hill — Thu, 02 Dec 2021 15:44:01 +0000

Meta has said that it hopes to make Facebook Protect available to highly targeted users in 50 countries by the end of the year. Facebook Protect adds extra security layers such as 2FA. Read more...

Tribe of Hackers Security Leaders ($15 value) eBook now free

Sponsored — Tue, 09 Nov 2021 15:00:01 +0000

Information security is becoming more important and more valuable all the time. Security breaches can be costly, so security leadership is a high-stakes game. Discover more with this free eBook. Read more...

Microsoft: Russia poses the greatest cybersecurity threat to governments

Usama Jawad — Thu, 07 Oct 2021 17:18:01 +0000

Microsoft has published its annual Digital Defense Report, highlighting that nation-state actors from Russia pose the biggest threat to foreign governments, such as the United States. Read more...