Category: news

  • Mandiant Finds ShinyHunters-Style Vishing Attacks Stealing MFA to Breach SaaS Platforms

    The Hacker News: Google-owned Mandiant on Friday said it identified an “expansion in threat activity” that uses tradecraft consistent with extortion-themed attacks orchestrated by a financially motivated hacking group known as ShinyHunters.
    The attacks leverage advanced voice phishing (aka vishing) and bogus credential harvesting sites mimicking targeted companies to gain unauthorized access to victim

  • CERT Polska Details Coordinated Cyber Attacks on 30+ Wind and Solar Farms

    The Hacker News: CERT Polska, the Polish computer emergency response team, revealed that coordinated cyber attacks targeted more than 30 wind and photovoltaic farms, a private company from the manufacturing sector, and a large combined heat and power plant (CHP) supplying heat to almost half a million customers in the country.
    The incident took place on December 29, 2025. The agency has attributed the attacks to

  • Researchers Uncover Chrome Extensions Abusing Affiliate Links and Stealing ChatGPT Access

    The Hacker News: Cybersecurity researchers have discovered malicious Google Chrome extensions that come with capabilities to hijack affiliate links, steal data, and collect OpenAI ChatGPT authentication tokens.
    One of the extensions in question is Amazon Ads Blocker (ID: pnpchphmplpdimbllknjoiopmfphellj), which claims to be a tool to browse Amazon without any sponsored content. It was uploaded to the Chrome

  • China-Linked UAT-8099 Targets IIS Servers in Asia with BadIIS SEO Malware

    The Hacker News: Cybersecurity researchers have discovered a new campaign attributed to a China-linked threat actor known as UAT-8099 that took place between late 2025 and early 2026.
    The activity, discovered by Cisco Talos, has targeted vulnerable Internet Information Services (IIS) servers located across Asia, but with a specific focus on targets in Thailand and Vietnam. The scale of the campaign is currently

  • WhatsApp Rolls Out Lockdown-Style Security Mode to Protect Targeted Users From Spyware

    The Hacker News: Meta on Tuesday announced it’s adding Strict Account Settings on WhatsApp to secure certain users against advanced cyber attacks because of who they are and what they do.
    The feature, similar to Lockdown Mode in Apple iOS and Advanced Protection in Android, aims to protect individuals, such as journalists or public-facing figures, from sophisticated spyware by trading some functionality for

  • ⚡ Weekly Recap: Proxy Botnet, Office Zero-Day, MongoDB Ransoms, AI Hijacks & New Threats

    The Hacker News: Every week brings new discoveries, attacks, and defenses that shape the state of cybersecurity. Some threats are stopped quickly, while others go unseen until they cause real damage.
    Sometimes a single update, exploit, or mistake changes how we think about risk and protection. Every incident shows how defenders adapt — and how fast attackers try to stay ahead.
    This week’s recap brings you the

  • Fake Moltbot AI Coding Assistant on VS Code Marketplace Drops Malware

    The Hacker News: Cybersecurity researchers have flagged a new malicious Microsoft Visual Studio Code (VS Code) extension for Moltbot (formerly Clawdbot) on the official Extension Marketplace that claims to be a free artificial intelligence (AI) coding assistant, but stealthily drops a malicious payload on compromised hosts.
    The extension, named “ClawdBot Agent – AI Coding Assistant” (“clawdbot.clawdbot-agent”)

  • Securing the Mid-Market Across the Complete Threat Lifecycle

    The Hacker News: For mid-market organizations, cybersecurity is a constant balancing act. Proactive, preventative security measures are essential to protect an expanding attack surface. Combined with effective protection that blocks threats, they play a critical role in stopping cyberattacks before damage is done.
    The challenge is that many security tools add complexity and cost that most mid-market businesses

  • Russian ELECTRUM Tied to December 2025 Cyber Attack on Polish Power Grid

    The Hacker News: The “coordinated” cyber attack targeting multiple sites across the Polish power grid has been attributed with medium confidence to a Russian state-sponsored hacking crew known as ELECTRUM.
    Operational technology (OT) cybersecurity company Dragos, in a new intelligence brief published Tuesday, described the late December 2025 activity as the first major cyber attack targeting distributed energy

  • Notepad++ Official Update Mechanism Hijacked to Deliver Malware to Select Users

    The Hacker News: The maintainer of Notepad++ has revealed that state-sponsored attackers hijacked the utility’s update mechanism to redirect update traffic to malicious servers instead.
    “The attack involved [an] infrastructure-level compromise that allowed malicious actors to intercept and redirect update traffic destined for notepad-plus-plus.org,” developer Don Ho said. “The compromise occurred at the hosting