Lucene search
K

19 matches found

Qualys Blog
Qualys Blog
added 2025/11/24 4:0 p.m.10 views

Zero-Day Zero: The AI Attack That Just Ended the Era of the Forgiving Internet

Why the Exploit Window Has Collapsed and How CISOs Must Pivot to Survive For decades, cybersecurity was a game of time. We banked on the buffer between a vulnerability’s disclosure and its widespread exploitation. We relied on the forgiving internet, where human attackers needed days or weeks to...

6.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/11/21 12:1 p.m.7 views

AI as Cyberattacker

From Anthropic: In mid-September 2025, we detected suspicious activity that later investigation determined to be a highly sophisticated espionage campaign. The attackers used AI’s “agentic” capabilities to an unprecedented degree­--using AI not just as an advisor, but to execute the cyberattacks...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/11 11:57 a.m.26 views

THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 04 - Nov 10)

⚠️ Imagine this: the very tools you trust to protect you online—your two-factor authentication, your car's tech system, even your security software—turned into silent allies for hackers. Sounds like a scene from a thriller, right? Yet, in 2024, this isn't fiction; it's the new cyber reality...

10CVSS10AI score0.99796EPSS
Exploits44
The Hacker News
The Hacker News
added 2024/09/26 4:49 a.m.27 views

Chinese Hackers Infiltrate U.S. Internet Providers in Cyber Espionage Campaign

Nation-state threat actors backed by Beijing broke into a "handful" of U.S. internet service providers ISPs as part of a cyber espionage campaign orchestrated to glean sensitive information, The Wall Street Journal reported Wednesday. The activity has been attributed to a threat actor that...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/18 4:0 p.m.44 views

New "Raptor Train" IoT Botnet Compromises Over 200,000 Devices Worldwide

Cybersecurity researchers have uncovered a never-before-seen botnet comprising an army of small office/home office SOHO and IoT devices that are likely operated by a Chinese nation-state threat actor called Flax Typhoon aka Ethereal Panda or RedJuliett. The sophisticated botnet, dubbed Raptor Tra...

7.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/02/07 3:11 p.m.46 views

After FBI Takedown, KV-Botnet Operators Shift Tactics in Attempt to Bounce Back

The threat actors behind the KV-botnet made "behavioral changes" to the malicious network as U.S. law enforcement began issuing commands to neutralize the activity. KV-botnet is the name given to a network of compromised small office and home office SOHO routers and firewall devices across the...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2023/06/21 11:29 a.m.3 views

Chinese Hacker Group 'Flea' Targets American Ministries with Graphican Backdoor

Foreign affairs ministries in the Americas have been targeted by a Chinese state-sponsored actor named Flea as part of a recent campaign that spanned from late 2022 to early 2023. The cyber attacks, per Broadcom's Symantec, involved a new backdoor codenamed Graphican. Some of the other targets...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2023/06/21 11:29 a.m.23 views

Chinese Hacker Group 'Flea' Targets American Ministries with Graphican Backdoor

Foreign affairs ministries in the Americas have been targeted by a Chinese state-sponsored actor named Flea as part of a recent campaign that spanned from late 2022 to early 2023. The cyber attacks, per Broadcom's Symantec, involved a new backdoor codenamed Graphican. Some of the other targets...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/06/13 4:21 a.m.93 views

Critical FortiOS and FortiProxy Vulnerability Likely Exploited - Patch Now!

Fortinet on Monday disclosed that a newly patched critical flaw impacting FortiOS and FortiProxy may have been "exploited in a limited number of cases" in attacks targeting government, manufacturing, and critical infrastructure sectors. The vulnerability, dubbed XORtigate and tracked as...

9.8CVSS9.9AI score0.99474EPSS
Exploits19
The Hacker News
The Hacker News
added 2023/03/30 3:58 p.m.116 views

Chinese RedGolf Group Targeting Windows and Linux Systems with KEYPLUG Backdoor

A Chinese state-sponsored threat activity group tracked as RedGolf has been attributed to the use of a custom Windows and Linux backdoor called KEYPLUG. "RedGolf is a particularly prolific Chinese state-sponsored threat actor group that has likely been active for many years against a wide range o...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2022/12/26 12:20 p.m.41 views

2022 Top Five Immediate Threats in Geopolitical Context

As we are nearing the end of 2022, looking at the most concerning threats of this turbulent year in terms of testing numbers offers a threat-based perspective on what triggers cybersecurity teams to check how vulnerable they are to specific threats. These are the threats that were most tested to...

2.1AI score
Exploits0
hivepro
hivepro
added 2022/11/16 1:12 p.m.17 views

Billbug returns after two years to conduct an espionage campaign

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary After being widely active in the year 2018-2019, Billbug, a Chinese state-sponsored group, is back after almost two years. They have been attacking multiple government agencies in an Asian country since...

2.9AI score
Exploits0
The Hacker News
The Hacker News
added 2022/11/05 6:0 a.m.261 views

Microsoft Warns of Uptick in Hackers Leveraging Publicly-Disclosed 0-Day Vulnerabilities

Microsoft is warning of an uptick among nation-state and criminal actors increasingly leveraging publicly-disclosed zero-day vulnerabilities for breaching target environments. The tech giant, in its 114-page Digital Defense Report, said it has "observed a reduction in the time between the...

10CVSS0.4AI score0.99999EPSS
Exploits101
The Hacker News
The Hacker News
added 2022/10/27 2:19 p.m.48 views

Researchers Expose Over 80 ShadowPad Malware C2 Servers

As many as 85 command-and-control C2 servers have been discovered supported by the ShadowPad malware since September 2021, with infrastructure detected as recently as October 16, 2022. That's according to VMware's Threat Analysis Unit TAU, which studied three ShadowPad variants using TCP, UDP, an...

7.1AI score
Exploits0
ICS
ICS
added 2021/07/21 12:0 p.m.27 views

Chinese Gas Pipeline Intrusion Campaign, 2011 to 2013

Summary This Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT &CK® framework, Version 9. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. Note: CISA released technical information, including indicators of compromise IOCs,...

9.5AI score
Exploits0References38
The Hacker News
The Hacker News
added 2021/06/05 1:56 p.m.91 views

GitHub Updates Policy to Remove Exploit Code When Used in Active Attacks

Code-hosting platform GitHub Friday officially announced a series of updates to the site's policies that delve into how the company deals with malware and exploit code uploaded to its service. "We explicitly permit dual-use security technologies and content related to research into vulnerabilitie...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2021/03/01 10:11 a.m.68 views

Chinese Hackers Targeted India's Power Grid Amid Geopolitical Tensions

Amid heightened border tensions between India and China, cybersecurity researchers have revealed a concerted campaign against India's critical infrastructure, including the nation's power grid, from Chinese state-sponsored groups. The attacks, which coincided with the standoff between the two...

0.6AI score
Exploits0
Qualys Blog
Qualys Blog
added 2020/10/22 11:10 p.m.422 views

NSA Alert: Chinese State-Sponsored Actors Exploit Known Vulnerabilities

On October 20, 2020, the United States National Security Agency NSA released a cybersecurity advisory on Chinese state-sponsored malicious cyber activity. The NSA alert provided a list of 25 publicly known vulnerabilities that are known to be recently leveraged by cyber actors for various hacking...

10CVSS9.7AI score0.99999EPSS
Exploits573
CISA
CISA
added 2020/10/20 12:0 a.m.9 views

NSA Releases Advisory on Chinese State-Sponsored Actors Exploiting Publicly Known Vulnerabilities

The National Security Agency NSA has released a cybersecurity advisory on Chinese state-sponsored malicious cyber activity. This advisory provides 25 Common Vulnerabilities and Exposures CVEs known to be recently leveraged, or scanned-for, by Chinese state-sponsored cyber actors to enable...

6.7AI score
Exploits0References4
Rows per page
Query Builder