Search results for fake hacking news | Breaking Cybersecurity News | The Hacker News

Its Fail 2011 - Year of Hacks ! According to IT security experts Year 2011 have labeled as the " Year of the Hack " or " #Fail 2011 ". Hacking has become much easier over the years allowing hackers to hack into systems easier then ever before, which is why 2011 had a lot of hacking happen so far. Hackers are coming up with tools as well as finding new methods to hacking faster then companies can increase their security. Even, Every year is the year of the hacking as long as there are hackers out there ready to execute their malicious programs and attain their goals like gathering important information to the victim's computer, stealing important identities, credit card information, etc. This year 2011 could be another generation of hacking. Since every year there are always forward advancements of the tools and programs that could use by the hackers. The most important is to avoid them if you are a computer user. RSA Hack (3/17/2011) : Motive - Unknown attacker, alth...

Good news for you is that this week's THN Deals brings Ethical Hacking A to Z Bundle that let you get started regardless of your experience level. The Ethical Hacking A to Z Bundle will walk you through the very basic skills you need to start your journey towards becoming a professional ethical hacker. The 45 hours of course that includes total 384 in-depth lectures, usually cost $1,273, but you can exclusively get this 8-in-1 online training course for just $39 (after 96% discount) at the THN Deals Store. 8-in-1 Online Hacking Training: Here's What You Will Learn Ethical Hacking A to Z Bundle will provide you access to the following eight courses: 1. Ethical Hacker Boot Camp for 2017 This course will teach you all about passive and active reconnaissance, scanning and enumeration, social engineering basics, network mapping, and with live hacking demonstrations using tools like Maltego, FOCA, Harvester, Recon-ng, Nmap, and masscan. By the end of this course,...

Social media networks are no doubt a quick and powerful way to share information and ideas, but not everything shared on Facebook or Twitter is true. Misinformation, or "Fake News," has emerged as a primary issue for social media platforms, seeking to influence millions of people with wrong propaganda and falsehoods. In past years, we have seen how political parties and other groups have used spoofed social media profiles of influencers or leaders to spread misinformation, and most of the time such techniques work to successfully convince people into believing that the information is true. Although social media services like Facebook, Twitter, and Google, offers account verification (verified accounts with blue tick) for public figures, we have seen hackers hijacking verified accounts to spread fake news from legitimate account to their millions of followers. Now, researchers have uncovered a new, cunning attack technique currently being used by hackers to take ove...

Cybersecurity researchers today took the wraps off a new sophisticated cyber-espionage campaign directed against aerospace and military organizations in Europe and the Middle East with an aim to spy on key employees of the targeted firms and, in some case, even to siphon money. The campaign, dubbed " Operation In(ter)ception " because of a reference to "Inception" in the malware sample, took place between September to December 2019, according to a new report cybersecurity firm ESET shared with The Hacker News. "The primary goal of the operation was espionage," the researchers told The Hacker News. "However, in one of the cases we investigated, the attackers tried to monetize access to a victim's email account through a business email compromise (BEC) attack as the final stage of the operation." The financial motivation behind the attacks, coupled with similarities in targeting and development environment, have led ESET to suspect Laz...

Bogus websites advertising Google Chrome have been used to distribute malicious installers for a remote access trojan called ValleyRAT. The malware, first detected in 2023, is attributed to a threat actor tracked as Silver Fox, with prior attack campaigns primarily targeting Chinese-speaking regions like Hong Kong, Taiwan, and Mainland China. "This actor has increasingly targeted key roles within organizations—particularly in finance, accounting, and sales department — highlighting a strategic focus on high-value positions with access to sensitive data and systems," Morphisec researcher Shmuel Uzan said in a report published earlier this week. Early attack chains have been observed delivering ValleyRAT alongside other malware families such as Purple Fox and Gh0st RAT, the latter of which has been extensively used by various Chinese hacking groups . As recently as last month, counterfeit installers for legitimate software have served as a distribution mechanism for t...

A never-before-seen North Korean threat actor codenamed Moonstone Sleet has been attributed as behind cyber attacks targeting individuals and organizations in the software and information technology, education, and defense industrial base sectors with ransomware and bespoke malware previously associated with the infamous Lazarus Group. "Moonstone Sleet is observed to set up fake companies and job opportunities to engage with potential targets, employ trojanized versions of legitimate tools, create a malicious game, and deliver a new custom ransomware," the Microsoft Threat Intelligence team said in a new analysis. It also characterized the threat actor as using a combination of tried-and-true techniques used by other North Korean threat actors and unique attack methodologies to meet its strategic objectives. The adversary, hitherto tracked by Redmond under the emerging cluster moniker Storm-1789, is assessed to be a state-aligned group that originally exhibited strong t...

Israeli entities spanning academia, engineering, local government, manufacturing, technology, transportation, and utilities sectors have emerged as the target of a new set of attacks undertaken by Iranian nation-state actors that have delivered a previously undocumented backdoor called MuddyViper. The activity has been attributed by ESET to a hacking group known as MuddyWater (aka Mango Sandstorm, Static Kitten, or TA450), a cluster assessed to be affiliated with Iran's Ministry of Intelligence and Security (MOIS). The attacks also singled out one technology company based in Egypt. The campaign took place between September 30, 2024, and March 18, 2025. The hacking group first came to light in November 2017, when Palo Alto Networks Unit 42 detailed targeted attacks against the Middle East between February and October of that year using a custom backdoor dubbed POWERSTATS. It's also known for its destructive attacks on Israeli organizations using a Thanos ransomware varian...

Cybersecurity researchers have uncovered a widespread phishing campaign that uses fake CAPTCHA images shared via PDF documents hosted on Webflow's content delivery network (CDN) to deliver the Lumma stealer malware. Netskope Threat Labs said it discovered 260 unique domains hosting 5,000 phishing PDF files that redirect victims to malicious websites. "The attacker uses SEO to trick victims into visiting the pages by clicking on malicious search engine results," security researcher Jan Michael Alcantara said in a report shared with The Hacker News. "While most phishing pages focus on stealing credit card information, some PDF files contain fake CAPTCHAs that trick victims into executing malicious PowerShell commands, ultimately leading to the Lumma Stealer malware." The phishing campaign is estimated to have affected more than 1,150 organizations and more than 7,000 users since the second half of 2024, with the attacks primarily singling out victims in Nort...

LulzSec will release Murdoch email archive LulzSec behind a hack on The Sun's website claim to have extracted an email archive which they plan to release later on Tuesday. The Sun's website were redirected towards a fake story on the supposed death of Rupert Murdoch by infamous hacktivist collective LulzSec. The group also redirected visitors to the main News International website to the LulzSec Twitter account. Sabu leader of LulzSec said via Twitter that the group was sitting on emails of News International staffers that it planned to release. Sabu released email login details for former News International chief exec Rebekah Brooks, a central figure in the News of the World voicemail-hacking scandal. The hackers also posted the mobile phone numbers of three News International execs. This information seems to have come from an old database.

Al-Jazeera says hackers have targeted the Qatar-based TV satellite channel for the second time in a week, sending out false news reports on its mobile sms service. Al Jazeera confirm the hack in a tweet ," We'd like to inform our subscribers that Aljazeera sms sevice is being compromised by pirates and they've sent fake news news with no basis " " The story claiming that the Prime Minister (Sheikh Hamad bin Jassem) has been the target of an assassination attempt in the royal palace is completely false and was a result of hacking of the service ," the channel said in breaking news. A pro-Damascus group known as the Syrian Electronic Army quickly claimed responsibility for the Sunday hack on Twitter.  Social networks, including Twitter, quoted Al-Jazeera's mobile service on Sunday as saying that Sheikh Hamad was targeted in an attack on the palace in Doha and that the wife of the emir, Sheikha Moza bint Nasser, was lightly wounded. Hackers posted a pro-Syrian stateme...

The year opened without a reset. The same pressure carried over, and in some places it tightened. Systems people assume are boring or stable are showing up in the wrong places. Attacks moved quietly, reused familiar paths, and kept working longer than anyone wants to admit. This week's stories share one pattern. Nothing flashy. No single moment. Just steady abuse of trust — updates, extensions, logins, messages — the things people click without thinking. That's where damage starts now. This recap pulls those signals together. Not to overwhelm, but to show where attention slipped and why it matters early in the year. ⚡ Threat of the Week RondoDox Botnet Exploits React2Shell Flaw — A persistent nine-month-long campaign has targeted Internet of Things (IoT) devices and web applications to enroll them into a botnet known as RondoDox. As of December 2025, the activity has been observed leveraging the recently disclosed React2Shell (CVE-2025-55182, CVSS score: 10.0) flaw as an initial...

It's been a week of chaos in code and calm in headlines. A bug that broke the internet's favorite framework, hackers chasing AI tools, fake apps stealing cash, and record-breaking cyberattacks — all within days. If you blink, you'll miss how fast the threat map is changing. New flaws are being found, published, and exploited in hours instead of weeks. AI-powered tools meant to help developers are quickly becoming new attack surfaces. Criminal groups are recycling old tricks with fresh disguises — fake apps, fake alerts, and fake trust. Meanwhile, defenders are racing to patch systems, block massive DDoS waves, and uncover spy campaigns hiding quietly inside networks. The fight is constant, the pace relentless. For a deeper look at these stories, plus new cybersecurity tools and upcoming expert webinars, check out the full ThreatsDay Bulletin. ⚡ Threat of the Week Max Severity React Flaw Comes Under Attack — A critical security flaw impacting React Server Components (RSC) has ...

Multiple campaigns that distributed trojanized and typosquatted packages on the NPM open source repository have been identified as the work of a single threat actor dubbed LofyGang . Checkmarx said it discovered 199 rogue packages totaling thousands of installations, with the group operating for over a year with the goal of stealing credit card data as well as user accounts associated with Discord Nitro, gaming, and streaming services. "LofyGang operators are seen promoting their hacking tools in hacking forums, while some of the tools are shipped with a hidden backdoor," the software security company said in a report shared with The Hacker News prior to its publication. Various pieces of the attack puzzle have already been reported by  JFrog ,  Sonatype , and  Kaspersky  (which called it LofyLife), but the latest analysis pulls the various operations together under one organizational umbrella that Checkmarx is referring to as  LofyGang . Believed to be ...

The official website of one of the biggest Arabic-language news network " Al Jazeera " got hacked just now by Pro-Assad hackers called " Al-Rashedon ". If your miss the deface page, please have a look to mirror of it Here . Deface page designed with Dark color as shown in image and have some message in Arabic language, in English its " In response to your attitude against Syria, ( Syrian people and Government ) and your support to the Terrorist & Armed Groups, and sharing Fake news, your site has been hacked and this is our response to you. ( Al Rashedon hakcker group .)" Hacking group " Al-Rashedon " can be the part of " Syrain Electronic Army ", But yet Syrian Hackers didn't claim anything about this hack on their facebook page or website. The Arabic used (and the language mistakes) indicates that the hackers may be people living abroad and not native Syrians, may be these hackers belongs to Iraq. Name " Rashedon ...

The North Korea-linked Lazarus Group has been attributed to a new cyber attack campaign dubbed Operation 99 that targeted software developers looking for freelance Web3 and cryptocurrency work to deliver malware. "The campaign begins with fake recruiters, posing on platforms like LinkedIn, luring developers with project tests and code reviews," Ryan Sherstobitoff, senior vice president of Threat Research and Intelligence at SecurityScorecard, said in a new report published today. "Once a victim takes the bait, they're directed to clone a malicious GitLab repository – seemingly harmless, but packed with disaster. The cloned code connects to command-and-control (C2) servers, embedding malware into the victim's environment." Victims of the campaign have been identified across the globe, with a significant concentration recorded in Italy. A lesser number of impacted victims are located in Argentina, Brazil, Egypt, France, Germany, India, Indonesia, Mexico,...