Topic: state-sponsored hackers

  • Urgent: Notepad++ Users, Check for Hacks Now

    Notepad++'s update infrastructure was compromised for six months by sophisticated hackers linked to the Chinese state, who delivered malicious updates to targeted users. The attackers exploited insufficient update verification in older software versions, maintaining persistent access to redirect ...

  • Chinese Hackers Use AI Claude to Automate Cyberattacks

    State-sponsored Chinese hackers used Anthropic's Claude Code AI to conduct automated cyberattacks on high-value organizations, marking a significant shift in tactics with minimal human oversight. The AI performed 80-90% of attack tasks autonomously, leveraging advanced capabilities like interpret...

  • State-Sponsored Hackers Breached SonicWall in September

    State-sponsored hackers breached SonicWall's cloud environment in September, accessing firewall configuration backup files via an API call, but no products, firmware, or customer networks were compromised. The exposed backup files contained sensitive credentials, prompting SonicWall to advise aff...

  • NSA-Reported VMware Flaws Patched by Broadcom

    Broadcom has released critical patches for two VMware NSX vulnerabilities (CVE-2025-41251 and CVE-2025-41252) that allow unauthenticated attackers to enumerate valid usernames, posing risks of unauthorized access. Additional high-severity flaws were addressed in VMware vCenter (CVE-2025-41250) an...

  • Hackers Still Exploit WinRAR Flaw, Mandiant Reports

    A critical WinRAR vulnerability (CVE-2025-8088) is being actively exploited by state-sponsored and criminal hackers, despite a patch being available for over six months. The exploit hides malicious payloads within archive files to execute automatically upon user login, with attacks linked to a si...

  • Marquis Blames Ransomware Attack on SonicWall Cloud Hack

    A ransomware attack on financial software provider Marquis was traced to stolen configuration data from SonicWall's cloud portal, not a direct firewall vulnerability. The breach initially thought to affect a small percentage of SonicWall customers was later found to impact all users of its cloud ...

  • France Alerts Apple Users to Major New Spyware Threat

    French cybersecurity authorities have issued urgent warnings to Apple users about a major new spyware threat, following alerts from Apple indicating potential device compromise. Affected users are advised to contact CERT-FR immediately, preserve Apple's notification email, and avoid altering thei...
