Hacking News 15 July 2025 - 4 November 2025

Kwangmyong: Inside North Korea’s National Intranet Service

North Korea’s ‘HttpTroy’ Backdoor Exposed – Inside the Stealth Hack Shaking Cybersecurity and Stocks

Kimsuky’s “HttpTroy” – A Fake VPN Invoice with a Real Backdoor

A new threat actor playbook has emerged from North Korea’s shadowy cyber-espionage operations. In early November 2025, researchers revealed that the DPRK-linked group Kimsuky (aka Velvet Chollima or Thallium) deployed a previously unknown malware dubbed “HttpTroy.” The twist? Kimsuky’s hackers delivered this backdoor under the guise of an innocuous VPN invoice email (webpronews.com). The phishing emails were crafted to look like legitimate billing notices for a VPN service – a lure likely to trick busy professionals, especially in South Korean government and defense circles, which Kimsuky often targets (webpronews.com).
4 November 2025
Cybersecurity Storm: Hacks, Ransomware and Crackdowns Rock the Globe (July 23–24, 2025)

Storm-2603, a China-linked cyber-espionage group, exploited a zero-day in Microsoft SharePoint Server (ToolShell) and by July 23 had breached at least 400 organizations, including DHS, DOE’s NNSA, the Department of Education, and NIH, with some hacked servers later seeded with LockBit and Warlock ransomware. The FBI, CISA, HHS, and MS-ISAC issued a joint alert about Interlock ransomware, first seen in late 2024, using drive-by downloads from compromised sites and a ‘ClickFix’ social-engineering tactic to exfiltrate data and then encrypt, often directing victims to a Tor-based ransom site. The United Kingdom on July 23 proposed a ban on ransomware payments by
24 July 2025
Cybersecurity Mayhem: Major Hacks, Data Breaches & Bold Defenses – Roundup (July 14, 2025)

Security analysts reported a 133% rise in Iranian state-sponsored attacks through May–June 2025, with Nozomi Networks tracking 28 incidents across six APT groups (MuddyWater, APT33, OilRig, CyberAvengers, Fox Kitten, Homeland Justice), and MuddyWater alone carrying out five breaches targeting OT/ICS. A joint alert by CISA, the FBI, NSA and DoD warned Iranian hackers may target defense, water, and aviation firms amid rising Middle East tensions. In Europe, Chinese state-backed hackers exploited a zero-day in Ivanti VPN appliances to infiltrate French government networks, with ANSSI linking the operation to the UNC5174 group. The U.S. Department of Justice announced the takedown of