93 links
tagged with hacking
Click any tag below to further narrow down your results
Links
Chukwuemeka Victor Amachukwu, a Nigerian national, has been extradited to the U.S. to face charges of hacking, fraud, and identity theft after allegedly stealing over $3.3 million through spearphishing attacks on tax preparation businesses. He is also accused of running a separate scam involving fake investment opportunities, leading to significant financial losses for victims and the U.S. government.
The Scattered Spider ransomware group has decided to cease operations due to intense law enforcement pressure following significant cyberattacks on companies like Jaguar Land Rover and Salesforce. In a farewell message, they apologize to their victims and hint at a possible return with a new venture called "ShinySp1d3r RaaS."
Oracle has informed clients of a second cybersecurity breach in which a hacker stole old client log-in credentials from its systems. The stolen data, which includes credentials from as recently as 2024, is being investigated by the FBI and cybersecurity firm CrowdStrike, with the company assuring clients that the compromised system has not been in use for eight years, minimizing the risk.
Security researchers have discovered a cryptocurrency mining operation that targets misconfigured DevOps infrastructure, specifically exploiting HashiCorp Nomad servers, Consul dashboards, Docker APIs, and Gitea code-hosting instances to mine Monero. The attackers utilize publicly available tools to avoid detection and recommend securing these systems to prevent future breaches.
Vietnamese hackers have been reported to be using fake copyright notices to extort money from content creators, falsely claiming that their work has been stolen. This has raised concerns about the misuse of copyright laws and the potential harm to creators who are targeted by such scams. The article highlights the need for vigilance and awareness among content producers to avoid falling victim to these fraudulent practices.
Russian law enforcement has successfully shut down 100 servers associated with the notorious NoName05716 hacking group, known for its DDoS attacks on various targets. This operation reflects ongoing efforts to combat cybercrime and disrupt malicious online activities in the region.
A security researcher discovered significant vulnerabilities in Volkswagen's mobile app, which potentially allowed unauthorized access to personal and vehicle information. The flaws included exposure of sensitive data through API endpoints, enabling malicious actors to gain control over vehicles and access private customer details. After reporting the issues to Volkswagen, the researcher helped facilitate the necessary security fixes.
A China-linked hacking group known as Salt Typhoon has successfully breached the satellite communications firm Viasat. This incident highlights the ongoing risks to critical infrastructure from state-sponsored cyber threats, particularly in the context of geopolitical tensions.
A 21-year-old hacker was arrested in Spain for illegally accessing a government website to alter high school and university entrance exam grades for himself and classmates. The suspect, with a history of hacking, compromised accounts of at least 13 university professors and had a notebook detailing manipulated grades, leading to increased security measures on the educational platform used in the region.
YouTuber Jeff Geerling challenged viewers to de-pixelate a heavily obscured section of his video, which was intended to protect private information. Within hours, a developer successfully restored the hidden content using frame extraction techniques, highlighting the weaknesses of pixelation as a privacy measure.
The article discusses recent cyber attacks targeting Disney, highlighting the implications of these breaches on the company's operations and data security. It emphasizes the growing trend of cyber threats against major corporations and the need for enhanced security measures.
A hacking group has reportedly stolen over 1 billion records from Salesforce customer databases, raising significant concerns about data security and the potential repercussions for affected companies. The breach underscores the vulnerabilities in cloud services and the ongoing threat posed by cybercriminals.
An Oregon agency has announced that hackers successfully stole sensitive data during a recent cyberattack. The breach has raised concerns about the security of personal information and the measures being taken to protect it moving forward.
The UNC2891 hacking group, known as LightBasin, utilized a 4G-equipped Raspberry Pi to infiltrate a bank's network, aiming to commit ATM fraud. Although their attempt to deploy a sophisticated rootkit named Caketap was thwarted, the attack showcased advanced techniques for maintaining stealth and lateral movement within the bank's systems.
DPRK hackers have successfully stolen approximately $137 million from users of the Tron blockchain. The attack involved sophisticated phishing techniques and targeted the platform's infrastructure, highlighting ongoing security vulnerabilities in cryptocurrency networks.
A critical vulnerability (CVE-2025-5947) in the Service Finder WordPress theme allows attackers to bypass authentication and gain administrator access, leading to significant exploitation attempts. With over 13,800 attempts recorded, users are urged to update to version 6.1 or discontinue use of the theme to mitigate risks.
A traveler discovered a way to access free WiFi for messaging on British Airways flights by signing up for their frequent flyer program through the captive portal. Through testing and analysis, they revealed that the airline uses SNI (Server Name Indication) to restrict the types of traffic allowed, allowing the traveler to tunnel arbitrary traffic by masquerading as messaging app connections. This led to a deeper exploration of TLS handshakes and the implications of SNI on privacy and data access during flights.
The article discusses the exposure of confidential informants within the Louisiana Sheriff's Office following a significant hack. Sensitive information was leaked, raising concerns about the safety and privacy of those involved in law enforcement operations. The breach highlights vulnerabilities in law enforcement data security and its potential consequences.
Ethan J. Foltz, a 22-year-old from Oregon, has been arrested for allegedly operating "Rapper Bot," a large botnet used for launching DDoS attacks, including a significant attack that disrupted Twitter/X in March 2025. Federal investigators tracked Foltz's activities through financial records and chat logs, revealing that he and a co-conspirator extorted online businesses using the botnet's capabilities, which could generate massive amounts of junk data per second. Foltz now faces criminal charges that could lead to a maximum of 10 years in prison if convicted.
A significant data breach at Lotte Card has exposed personal information of over 1 million users, with estimates suggesting the leak could impact several million. The Financial Supervisory Service's investigation revealed the breach was much larger than the initially reported 1.7 GB. Lotte Card is set to apologize and announce response measures on the 18th.
A 27-year-old former student of Western Sydney University has been arrested for allegedly hacking the university's systems to obtain cheaper parking and access confidential data, affecting hundreds of staff and students. Birdie Kingston faces 20 charges, including unauthorized access and data theft, and is accused of stealing over 100GB of data and manipulating academic records. Despite prior warnings from police, she continued her hacking activities, even threatening to sell stolen student information on the dark web.
Wallets can indeed be hacked, posing significant risks to digital asset security. Users must be aware of vulnerabilities in wallets and take necessary precautions to protect their funds from potential breaches and theft.
Nimhawk is an actively developed command and control (C2) framework that builds on the NimPlant project, offering enhanced modularity, security, and a user-friendly web interface for managing implants. Currently, it supports Windows x64 platforms, with plans for a Linux agent in the future. The project encourages community contributions and provides detailed documentation for developers.
Hackers are exploiting the CVE-2025-42957 vulnerability in SAP systems, which can lead to significant security breaches. The flaw allows unauthorized access and manipulation of sensitive data, prompting urgent updates and patches from SAP to protect affected users.
The web article discusses the alarming prevalence of weak passwords in the auto industry, highlighting how many smart cars are still using easily guessable passwords. This vulnerability poses significant security risks, as hackers could exploit these weaknesses to gain unauthorized access to vehicles and their systems.
Recent attacks linked to Chinese hacking groups have exploited a zero-day vulnerability in Microsoft SharePoint, breaching numerous organizations globally. The vulnerabilities, identified as CVE-2025-49706 and CVE-2025-49704, were actively targeted by multiple threat actors, prompting Microsoft and CISA to release emergency patches and recommend immediate action for affected entities.
A security researcher successfully reverse engineered the Worldline Yomani XR credit card terminal, uncovering significant vulnerabilities, including an exposed root shell accessible through a debug connector. Despite robust tamper resistance features, the device's architecture separates secure and insecure processing, which limits the impact of the exploit but still poses serious security risks. The researcher disclosed the vulnerability to the manufacturer, initiating a timeline for public disclosure.
Security vulnerabilities in a carmaker's web portal allowed a hacker to remotely unlock vehicles from anywhere, raising serious concerns about the security of connected car technologies. The breach highlights the need for stronger cybersecurity measures in the automotive industry to protect consumer data and vehicle safety.
Russian government hackers are reportedly behind a significant breach of the U.S. federal court filing system, raising concerns over the security of sensitive legal documents. The attack highlights the vulnerabilities in critical infrastructure and the ongoing threat posed by state-sponsored cyber activities. Investigations are underway to assess the extent of the damage and potential implications for national security.
Rachel Tobac, a cyber social engineer, discusses the art of persuasion in social engineering, emphasizing its dual nature as both a beneficial and deceptive practice. She explains how social engineers manipulate psychological principles to exploit human vulnerabilities, making it a sophisticated form of hacking that is often misunderstood.
Hackers are increasingly targeting Industrial Control Systems (ICS) and SCADA systems, posing significant risks to critical infrastructure. The article discusses the vulnerabilities within these systems and the potential consequences of successful cyberattacks, emphasizing the need for enhanced security measures.
Nippon Steel Solutions has reported a data breach caused by the exploitation of a zero-day vulnerability in their network equipment. Cybercriminals threatened to leak stolen data, but subsequently ceased communication, leaving uncertainty about the breach's details and any potential connection to other incidents.
A hacking group named Lab Dookhtegan has reportedly disrupted communications of Iranian ships, indicating a significant cyber attack on maritime operations. This incident highlights ongoing tensions and the increasing use of cyber warfare tactics in geopolitical conflicts.
A new HBO Max documentary series titled "Most Wanted: Teen Hacker" focuses on the cybercrimes of Julius Kivimäki, a Finnish hacker convicted of leaking patient records and extorting a psychotherapy clinic. The four-part series details Kivimäki's criminal activities from a young age, including a notorious DDoS attack against gaming platforms and his eventual arrest and sentencing for extortion. The series aims to shed light on the real-world impacts of cybercrime through Kivimäki's destructive exploits.
Two Dutch teenagers, aged 17, were arrested for attempting to spy on Europol and Eurojust for Russia using WiFi sniffer devices. They were recruited via Telegram and apprehended following a tip from the Dutch intelligence service, with no compromise to Europol's systems reported. The case highlights a concerning trend of young individuals being targeted for espionage activities in Europe.
North Korean hacking group Kimsuky has experienced a significant data breach after two ethical hackers, known as 'Saber' and 'cyb0rg,' leaked 8.9GB of the group's data, exposing their tools and stolen information. The hackers criticized Kimsuky for its politically motivated cyber activities and claimed their actions were aimed at revealing the group's unethical practices. This breach may complicate Kimsuky's operations and disrupt their ongoing campaigns, although its long-term impact remains uncertain.
A recent Bloomberg report has revealed that a teenage hacker and his accomplice accessed a Crypto.com employee’s account, leading to a leak of users' personal data. Crypto.com stated that the breach affected a small number of individuals and confirmed that no customer funds were compromised.
Mobile number hacking, particularly through SIM swap fraud, has become increasingly common, leading to significant financial losses for victims. Signs of a compromised mobile number include unexpected service issues and losing access to personal accounts. If you suspect your number has been hacked, it's crucial to contact your carrier, secure financial accounts, and take preventive measures against future attacks.
The official Stellar Blade account on the platform X was hacked, leading to unauthorized posts promoting a fake token and phishing schemes. Users were warned against engaging with the posts, which falsely promised airdrops and in-game rewards. The Stellar Blade team is working on recovering the account and advised the community to remain cautious.
The article delves into the intricacies of evading security measures within a sandbox environment, highlighting techniques that exploit vulnerabilities in Chrome's architecture. It discusses various methods hackers use to bypass restrictions and emphasizes the ongoing cat-and-mouse game between security experts and malicious actors.
The FBI is seeking public assistance to identify the Chinese Salt Typhoon hackers, responsible for extensive breaches of telecommunications providers in the U.S. and globally. These breaches allowed access to sensitive data, including private communications of some U.S. government officials, prompting the FBI to issue a public service announcement and a reward for information linked to the group.
A new startup focused on zero-day vulnerabilities is offering $20 million for tools that can successfully hack any smartphone. This initiative aims to attract skilled hackers to enhance cybersecurity solutions amidst increasing smartphone security challenges.
Over 40,000 security cameras worldwide are accessible via the internet, allowing potential hackers to exploit them for spying and other malicious activities. The cybersecurity firm Bitsight warns that these cameras, often used in homes and small offices, are at risk due to inadequate security measures, making them targets for cyberattacks. Users are advised to implement stronger security practices to protect their devices.
The article discusses insights from a telecom executive regarding the Salt Typhoon hacking group, emphasizing how their unconventional techniques are inspiring other hackers. It highlights the evolving tactics in cyberattacks and the implications for security in the telecommunications sector.
Marks & Spencer has confirmed that personal data of its customers was compromised during a recent hacking incident. The breach has raised concerns about the safety of customer information and the company's security measures.
A hacker successfully modified a Chinese security camera that had been banned for its privacy violations, showcasing how to repurpose such devices for legitimate uses. The project highlights both the challenges and the potential of hacking banned technology to serve personal needs while navigating legal and ethical concerns.
A hacking group known as The Com has leaked personal information of hundreds of US government officials, including those from the FBI, ICE, and the Department of Justice, on Telegram. The data, which includes names, addresses, and phone numbers, raises concerns about threats to these officials, particularly from criminal elements in Mexico. The group has hinted at potentially targeting IRS officials next.
Vulnerabilities in the Matrix protocol could allow hackers to take control of sensitive chat rooms, potentially compromising user privacy and security. These bugs could be exploited by attackers to manipulate conversations and access private messages, raising significant concerns for users relying on this communication platform.
Russian hackers have been exploiting vulnerabilities in Microsoft's OAuth 2.0 authentication framework, allowing them to access sensitive information from targeted accounts. This ongoing attack poses significant security risks for organizations using Microsoft services, emphasizing the need for enhanced security measures and awareness.
Nearly 28% of the $1.4 billion stolen from Bybit has become untraceable, according to CEO Ben Zhou. The funds have been funneled through mixers and decentralized platforms, complicating recovery efforts. Zhou urged bounty hunters to assist in freezing stolen assets, with some success reported.
A recent investigation has revealed that the hacking group known as Careto was allegedly operated by the Spanish government. Sources suggest that the group's activities were part of a broader strategy to engage in cyber-espionage, raising questions about state-sponsored hacking and its implications for national security.
A BBC reporter was approached by a cyber-criminal gang offering a share of ransom money in exchange for access to the BBC's systems. After engaging with the criminals, they experienced tactics like MFA bombing, which highlighted the risks of insider threats in cyber-security. The incident underscored the evolving methods of hackers and the importance of vigilance within organizations.
Former Disney employee Michael Scheuer was sentenced to three years in prison and fined nearly $688,000 for hacking into Disney's IT systems and altering restaurant menu information, including allergen details, in retaliation for his firing. Scheuer's actions caused significant disruptions, including a denial of service attack affecting multiple employees and unauthorized changes to menu designs and images. His criminal activities were uncovered following an FBI investigation that led to the seizure of his computer and evidence of his malicious actions.
The article discusses Xanthorox AI, a comprehensive hacking assistant designed for various cyber operations. It highlights its capabilities in navigating the dark web and performing full-spectrum hacking tasks, emphasizing its potential use by both ethical hackers and malicious actors. The implications of such a tool on cybersecurity and the ethical considerations surrounding its use are also touched upon.
The article discusses a report released by Anthropic, which highlights the growing threats posed by artificial intelligence in the realm of cybersecurity. It emphasizes the potential for AI to be used in hacking and other malicious activities, urging for better frameworks to mitigate these risks. The report outlines various scenarios where AI could exacerbate security challenges in the digital landscape.
Hackers are exploiting a vulnerability in domain name system (DNS) records to hide malware, allowing malicious scripts to fetch binaries without detection by traditional security measures. Researchers from DomainTools discovered that malware was encoded in hexadecimal and distributed across multiple subdomains, enabling retrieval through seemingly harmless DNS requests. As encrypted DNS methods like DOH and DOT gain traction, monitoring this type of traffic may become even more challenging.
The article discusses a report on the malware traffic associated with the notorious Los Pollos Hermanos network. It highlights the methods used by cybercriminals to exploit vulnerabilities and distribute malicious software, shedding light on the ongoing challenges in cybersecurity. The findings underscore the importance of vigilance and proactive measures in combating such threats.
Conor Brian Fitzpatrick, the creator of the BreachForums hacking forum, has been resentenced to three years in prison after violating pretrial release conditions and pleading guilty to multiple charges, including conspiracy to commit access device fraud and possession of child pornography. His initial sentence of time served and 20 years of supervised release was overturned by an appeals court, leading to the new prison term. BreachForums was known for facilitating the trade of stolen data and illegal cybercrime services.
Clorox has filed a lawsuit against its IT provider, Cognizant, claiming that hackers accessed employee passwords through basic social engineering tactics. The lawsuit alleges that Cognizant failed to manage cybersecurity effectively and allowed unauthorized access to Clorox's network. Cognizant counters that it only provided limited help desk services and is not responsible for the cybersecurity breach.
Touti Cracker is a cross-platform ethical hacking toolkit designed for educational purposes, offering features like password cracking, WiFi auditing, and reverse shell payload generation. It includes a user-friendly neon-styled interface and automates various processes, such as hash extraction and dependency installation, while emphasizing responsible use.
Researchers from SquareX have demonstrated a method to bypass passkey security using WebAuthn process manipulation, allowing attackers to impersonate users without needing access to their devices. This vulnerability highlights risks associated with compromised browser environments rather than the cryptography of passkeys themselves.
Nicholas Michael Kloster, a Kansas City resident, has admitted to hacking multiple organizations to promote his cybersecurity services. He was charged with accessing a protected computer and causing reckless damage during unauthorized access.
Government minister Lucy Powell's X account was hacked to promote a cryptocurrency scam named "$HCC". The incident highlights a growing trend of cybercriminals targeting high-profile accounts to sell worthless coins, with efforts already made by Powell's office to secure her account and remove misleading posts.
The Tea app has suffered a major data breach, exposing over 59 GB of sensitive user data, including selfies and private messages, with a second database revealing 1.1 million messages exchanged between members. Initially intended as a safe platform for women, the leak has led to potential social engineering threats and the creation of a site for rating exposed selfies. Tea is collaborating with cybersecurity experts and law enforcement to address the incident and enhance security measures.
Google confirmed that hackers created a fraudulent account in its Law Enforcement Request System (LERS) but assured that no data was accessed. The group "Scattered Lapsus$ Hunters" claimed access to both LERS and the FBI's eCheck system, raising concerns over potential impersonation and unauthorized data access. Cybersecurity experts believe the group may continue their activities despite claims of going dark.
A hacker successfully executed a voice phishing attack targeting Cisco customers, managing to steal their personal information. This incident highlights the ongoing risks associated with social engineering tactics in cybersecurity. Cisco has urged its clients to remain vigilant against such fraudulent schemes.
Riot Games is enhancing its security measures to combat hacking and cheating in its video games. By employing advanced technologies and strategies, the company aims to protect both its games and the integrity of its player community. Their ongoing efforts reflect a broader industry challenge in maintaining fair play in online gaming environments.
Hacking groups, including those affiliated with the North Korean government, are utilizing a new method called EtherHiding to distribute malware via public cryptocurrency blockchains. This technique embeds malware within smart contracts, providing a decentralized and nearly untouchable platform for cybercriminals to operate, thus enhancing the resilience against law enforcement actions.
Crosswalk buttons in various US cities have been hacked to play AI-spoofed voices of tech billionaires like Jeff Bezos and Elon Musk, thanks to poorly secured systems and default passwords. The Seattle Department of Transportation is addressing the issue, which has raised concerns for visually impaired pedestrians relying on audio cues. The manufacturer, Polara, has acknowledged the vulnerability and is working on enhancing security measures.
UK retail giant Co-op has confirmed that hackers have stolen all 6.5 million customer records, raising concerns about data security and privacy. The breach has prompted investigations and warnings for customers to monitor their accounts for suspicious activity.
A new attack known as "pixnapping" has emerged, targeting Android devices by using pixel-stealing techniques to access sensitive information. This method allows attackers to manipulate the display output, potentially compromising user data without their knowledge. Users are advised to remain vigilant and update their security measures to protect against this threat.
Discord experienced a security breach attributed to a vendor, rather than being directly hacked. The incident raised concerns about the platform's overall security practices and highlighted the risks associated with third-party vendors.
An attempt to create an autonomous AI pentester revealed significant limitations in AI's capability to effectively perform offensive security tasks. Despite its potential for planning and executing complex strategies, the AI struggled with accuracy and lacked the critical intuition and drive that human hackers possess. The project ultimately highlighted the importance of combining AI's strengths with human creativity and critical thinking in cybersecurity.
Radiology Associates of Richmond has reported a data breach affecting over 1.4 million individuals, with hackers accessing their systems for several days in April 2024. The compromised systems contained identifiable protected health and personal information.
Hackers are compromising end-of-life SonicWall Secure Mobile Access appliances, exploiting leaked administrator credentials and potentially using a custom backdoor malware called Overstep. Google’s Threat Intelligence Group urges organizations to analyze their devices for signs of compromise, as many details about the attacks and vulnerabilities remain unclear.
€34 million in cryptocurrency has been seized from the eXch exchange for facilitating money laundering activities, including connections to North Korean hacking groups. The exchange reportedly lacked necessary anti-money laundering controls and was involved in laundering funds from high-profile thefts, prompting increased scrutiny as authorities investigate its operations.
John Kindervag, creator of the Zero Trust Model, discusses an evolved understanding of hacking that contrasts with traditional views. He emphasizes that motivations for hacking are shaped by sociological, historical, and technological contexts, suggesting that today’s perception of hackers is too narrow and often overlooks their innovative potential.
The hacking group known as Scattered Spider, which previously caused significant disruption in Las Vegas, has returned to target U.K. retailers. Recent cyberattacks have impacted stores like Harrods and Marks & Spencer, leading to disruptions in online sales and potential customer data theft.
The article discusses methods for exploiting vulnerabilities in Windows drivers, aimed at beginners interested in cybersecurity and hacking. It provides insights into the process of weaponizing these drivers to gain unauthorized access or control over systems. This serves as a foundational guide for those looking to understand the intricacies of driver manipulation in the context of malicious activities.
The U.S. government has seized approximately $774 million in cryptocurrency linked to North Korean cybercriminal activities. This operation is part of ongoing efforts to disrupt the funding of illicit activities supported by the North Korean regime, particularly through hacking and ransomware schemes.
Over 624,000 individuals were notified of a data breach at Healthcare Services Group, where personal information, including Social Security numbers and financial details, was stolen. The breach occurred between September 27 and October 3, 2024, and was identified on October 7, 2024.
The Trump administration plans to allocate $1 billion for offensive hacking operations aimed at enhancing national security and cyber capabilities. This funding is part of a broader strategy to deter foreign cyber threats and bolster the U.S.'s offensive cyber capabilities. The initiative is expected to involve collaborations with private tech firms and intelligence agencies.
Critical vulnerabilities in the BlueSDK Bluetooth stack could allow remote code execution on millions of vehicles, enabling hackers to gain access to car infotainment systems. The PerfektBlue attack can track locations, record audio, and potentially control vehicle functions by exploiting these flaws.
Sangoma's FreePBX Security Team has issued a warning about a zero-day vulnerability actively being exploited in FreePBX systems with exposed Administrator Control Panels since August 21. Users are advised to limit access to their ACPs and implement a temporary EDGE module fix, while those with compromised systems are encouraged to restore from backups and secure their installations.
Sesame Street's Elmo account was hacked, leading to the posting of offensive racist and antisemitic content. The incident raised concerns about cybersecurity and the potential risks associated with social media accounts of popular children's characters. Immediate actions were taken to secure the account and address the situation.
Matthew D. Lane, a 19-year-old college student, was sentenced to four years in prison for his role in a cyberattack on PowerSchool that led to a significant data breach affecting millions of students and teachers. He pleaded guilty to multiple charges, including unauthorized access and cyber extortion, and was ordered to pay $14 million in restitution. The attack involved stealing sensitive data and demanding a ransom, with ongoing legal scrutiny surrounding PowerSchool's security practices.
Two teenagers have been arrested in the UK for their involvement in the Scattered Spider hacking group, which is linked to a planned cyberattack on Transport for London in 2024. The arrests follow a broader crackdown on cybercrime targeting critical infrastructure. Authorities are emphasizing the importance of cybersecurity in protecting public services against such threats.
Hackers are exploiting a critical unauthenticated file upload vulnerability in the WordPress theme 'Alone,' enabling remote code execution and site takeovers. Wordfence has recorded over 120,000 exploitation attempts, and a patched version of the theme was released following the discovery of the flaw. Users are advised to update to version 7.8.5 to mitigate risks associated with this vulnerability.
Coinbase reported that hackers bribed overseas support agents to steal customer data, leading to potential costs of up to $400 million. The company received a ransom demand of $20 million but has refused to pay, instead offering a reward for information on the attackers. While sensitive customer information was accessed, no passwords or funds were compromised.
The article recounts the historic incident in 1903 when Guglielmo Marconi's wireless transmission demonstration was famously hacked by magician Nevil Maskelyne, revealing vulnerabilities in Marconi's supposedly secure communication system. Maskelyne intercepted the transmission and sent a mocking message, demonstrating the ease of bypassing the technology that Marconi claimed was unbreakable. This event is noted as the first recorded act of public hacking.
North Korean hackers have reportedly stolen over $2 billion in cryptocurrency in 2025, surpassing previous records, according to blockchain analysis firm Elliptic. The majority of these hacks have involved social engineering tactics rather than exploiting technical vulnerabilities, marking a significant shift in the approach of these cybercriminals. The stolen funds are believed to be used to support the regime's nuclear weapons program.
The article discusses Paul Hudson's initiative to teach kids aged 13 and up how to hack in a safe and engaging way through a game called Hacktivate. This game features 240 "capture the flag" challenges that cover various hacking techniques and computer science skills, aiming to inspire curiosity and provide structured learning in cybersecurity. Hudson emphasizes the importance of making hacking education exciting and accessible while addressing common issues found in existing learning materials.
The article discusses a security vulnerability found in the FIA's driver categorization portal, which allowed hackers to gain unauthorized admin access by exploiting a flaw in the HTTP PUT request process. The authors successfully manipulated their user profile to assume administrative roles, revealing sensitive information and control over the FIA's system. This piece is part of a series highlighting cybersecurity issues in Formula 1.