HackenPost blogs - HACKENPOST FOR YOU

Data Breaches

Malicious JetBrains Plugins Steal AI API Keys as Chrome Extensions Capture Chatbot Chats

Cybersecurity researchers have flagged a “coordinated malware campaign” on the JetBrains Marketplace that has published no less than…

June 17, 2026

Data Breaches

144 Mastra npm Packages Compromised via Hijacked Contributor Account

As many as 144 npm packages associated with the Mastra namespace (“@mastra/*”), a popular open-source JavaScript and TypeScript…

June 17, 2026

Data Breaches

CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a maximum-severity security flaw impacting Widget Factory…

June 17, 2026

Data Breaches

Google Vertex AI SDK Flaw Let Attackers Hijack Model Uploads via Bucket Squatting

A flaw in the Google Cloud Vertex AI SDK for Python let an attacker with no access to…

June 16, 2026

Data Breaches

ClickFix Campaigns Expand Malware Delivery With New Loaders and Fake Update Lures

Cybersecurity researchers have flagged multiple ClickFix campaigns that deliver three malware loaders called BabaDeda Loader, Lorem Ipsum Loader,…

June 16, 2026

Data Breaches

Fake Microsoft Alerts Used to Deploy North Korean NarwhalRAT Malware

The North Korean state-sponsored hacking group known as ScarCruft (aka APT37) has been observed using spear-phishing messages impersonating…

June 16, 2026

Data Breaches

Cisco Releases Security Updates for Actively Exploited SD-WAN Manager Flaw

Cisco has released security updates for a medium-severity security flaw in Catalyst SD-WAN Manager that has come under…

June 16, 2026

Data Breaches

CISA Flags LiteSpeed cPanel Plugin Flaw Exploited for Root Privilege Escalation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a security flaw impacting LiteSpeed cPanel Plugin to…

June 16, 2026

Data Breaches

Chinese Hackers Abused Google Workspace Rules to Steal Research and Defense Emails

A China-linked espionage group hid inside North American medical, academic, and military research networks for more than a…

June 15, 2026

Data Breaches

North Korean Hackers Are Turning Developer Tools Into Malware Delivery Channels

Cybersecurity researchers have flagged two malicious cyber campaigns that exhibit similarities with a persistent North Korean threat cluster…

June 15, 2026

Hand-Picked Top-Read Stories

Malicious JetBrains Plugins Steal AI API Keys as Chrome Extensions Capture Chatbot Chats

144 Mastra npm Packages Compromised via Hijacked Contributor Account

CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution

Trending Tags

Malicious JetBrains Plugins Steal AI API Keys as Chrome Extensions Capture Chatbot Chats

144 Mastra npm Packages Compromised via Hijacked Contributor Account

CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution

Google Vertex AI SDK Flaw Let Attackers Hijack Model Uploads via Bucket Squatting

ClickFix Campaigns Expand Malware Delivery With New Loaders and Fake Update Lures

Fake Microsoft Alerts Used to Deploy North Korean NarwhalRAT Malware

Cisco Releases Security Updates for Actively Exploited SD-WAN Manager Flaw

CISA Flags LiteSpeed cPanel Plugin Flaw Exploited for Root Privilege Escalation

Chinese Hackers Abused Google Workspace Rules to Steal Research and Defense Emails

North Korean Hackers Are Turning Developer Tools Into Malware Delivery Channels

Malicious JetBrains Plugins Steal AI API Keys as Chrome Extensions Capture Chatbot Chats

144 Mastra npm Packages Compromised via Hijacked Contributor Account

CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution

Google Vertex AI SDK Flaw Let Attackers Hijack Model Uploads via Bucket Squatting

ClickFix Campaigns Expand Malware Delivery With New Loaders and Fake Update Lures

Sniper Dz Scams Target MENA Users via Fake Facebook Offers and Browser Alerts

Palo Alto Warns of Active Exploitation of PAN-OS GlobalProtect VPN Flaw