Breaking News – Cyber Threats (last 6h)
Generated: 2026-05-05 03:00 PDT
- ScarCruft Hacks Gaming Platform to Deploy BirdCall Malware on Android and Windows
The Hacker News • 2026-05-05 02:07 • thehackernews.com
The North Korea-aligned state-sponsored hacking group known as ScarCruft has compromised a video game platform in a supply chain espionage attack, trojanizing its components with a backdoor called BirdCallto likely target ethnic Koreans residing in China.
While prior versions of the backdoor have primarily targeted Windows users only, the supply chain attack is assessed to have enabled the
https://thehackernews.com/2026/05/scarcruft-hacks-gaming-platform-to.html - ScarCruft hackers push BirdCall Android malware via game platform
BleepingComputer • 2026-05-05 02:04 • www.bleepingcomputer.com
The North Korean hacker group APT37 has been delivering an Android version of a backdoor called BirdCall in a supply-chain attack through a video game platform. […]
https://www.bleepingcomputer.com/news/security/scarcruft-hackers-push-birdcall-android-malware-via-game-platform/ - Weaver E-cology RCE Flaw CVE-2026-22679 Actively Exploited via Debug API
The Hacker News • 2026-05-05 00:37 • thehackernews.com
A critical security vulnerability in Weaver (Fanwei) E-cology, an enterprise office automation (OA) and collaboration platform, has come under active exploitation in the wild.
The vulnerability (CVE-2026-22679, CVSS score: 9.8) relates to a case of unauthenticated remote code execution affecting Weaver E-cology 10.0 versions prior to 20260312. The issue resides in the “/papi/esearch/data/devops/
https://thehackernews.com/2026/05/weaver-e-cology-rce-flaw-cve-2026-22679.html - 174: Pacific Rim
Darknet Diaries • 2026-05-05 00:00 • darknetdiaries.comFor six years, Sophos fought a secret cyber war against a state-backed hacking group targeting its firewalls. This forced Sophos to drastically change tactics to properly secure their firewalls.
Was it ethical? Was it effective? They disrupted nine zero-day attacks, exposed who was hacking them, and forced the hackers to change tactics. But at what cost?
You have to listen to one of the most audacious corporate cyber defenses ever conducted.
Sponsors
Support for this show comes from ThreatLocker®. Thre…
https://darknetdiaries.com/episode/174/ - Microsoft Details Phishing Campaign Targeting 35,000 Users Across 26 Countries
The Hacker News • 2026-05-04 23:35 • thehackernews.com
Microsoft has disclosed details of a large-scale credential theft campaign that has leveraged a combination of code of conduct-themed lures and legitimate email services to direct users to attacker-controlled domains and steal authentication tokens.
The multi-stage campaign, observed between April 14 and 16, 2026, targeted more than 35,000 users across over 13,000 organizations in 26 countries,
https://thehackernews.com/2026/05/microsoft-details-phishing-campaign.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
