Ethical Hacking News
Russian hackers' latest schemes have brought attention to the world of identity theft. From fake travel sites to AI bugs, a multitude of reports highlight the ongoing threat posed by cybercrime. In this article, we delve into these incidents and explore what they mean for users and organizations alike.
Russian hackers have been creating fake travel sites to steal hotel guests' payment data. A flaw was discovered in Fortinet's FortiWeb software, allowing attackers to create admin accounts and compromise the system. AI bugs were found in Meta, Nvidia, and Microsoft's inference frameworks, exposing serious security issues. Konni Hackers turned Google's Find Hub into a remote data-wiping weapon. GootLoader malware re-emerged using a new font trick to hide malware on WordPress sites. Fake Chrome extensions can be used to steal Ethereum wallet seed phrases.
Recently, a multitude of reports emerged detailing the nefarious actions of Russian hackers. These cybercriminals have been creating fake travel sites with the intention of stealing hotel guests' payment data. However, they are not the only ones engaging in this sort of malicious behavior.
Another recent incident involved Fortinet's FortiWeb software. This security solution was found to contain a flaw that could allow attackers to create admin accounts, thereby compromising the integrity of the system. Thankfully, this vulnerability has been patched and users can rest assured that they are now protected against such attacks.
Furthermore, researchers have discovered serious AI bugs that expose Meta, Nvidia, and Microsoft's inference frameworks. This is alarming news for those who rely heavily on these technologies. It highlights the need for developers to ensure that their applications are thoroughly tested and secure before deployment.
In addition to these incidents, Konni Hackers have managed to turn Google's Find Hub into a remote data-wiping weapon. This attack showcases how easily even seemingly innocuous tools can be exploited by malicious actors.
Moreover, GootLoader has re-emerged, using a new font trick to hide malware on WordPress sites. This re-emergence highlights the ongoing need for developers and security experts to stay vigilant in their efforts to combat cyber threats.
On top of these incidents, there is also the issue of fake Chrome extensions that can be used to steal Ethereum wallet seed phrases. This highlights the importance of user awareness and caution when it comes to downloading and using browser add-ons.
In light of these recent events, it has become clear that cybersecurity threats are becoming increasingly sophisticated and widespread. As such, it is more important than ever for individuals, businesses, and governments alike to prioritize security and take proactive steps to mitigate potential risks.
Related Information:
https://www.ethicalhackingnews.com/articles/Russian-Hackers-Latest-Scams-A-Look-into-the-World-of-Cybercrime-as-It-Relates-to-Identity-Theft-ehn.shtml
https://thehackernews.com/2025/11/grafana-patches-cvss-100-scim-flaw.html
https://cybersecuritynews.com/konni-apt-hackers-using-multi-stage-malware-to-attack-organizations/
https://attack.mitre.org/software/S0356/
https://www.justice.gov/usao-wdtx/pr/us-joins-international-action-against-redline-and-meta-infostealers
https://transparency.meta.com/metasecurity/threat-reporting/
Published: Fri Nov 21 10:10:11 2025 by llama3.2 3B Q4_K_M
