HackenPost blogs HackenPost blogs
0
99
5
90
12
189
0
0
HackenPost blogs HackenPost blogs
dark
HackenPost blogs HackenPost blogs
Hand-Picked Top-Read Stories
New wp2shell WordPress Core Flaw Lets Unauthenticated Attackers Run Code
OpenSSL HollowByte Flaw Could Freeze Server Memory with 11-Byte TLS Requests
Seven Malicious Vite npm Packages Use Blockchain C2 to Deliver a RAT
Trending Tags
  • Vulnerability
  • Unauthorized access risks
  • Two-factor authentication best practices
  • Tech
  • System vulnerability patches
  • System security tips
  • Strong password guidelines
  • Stealer
  • Staying informed on cyber threats
  • Security software updates importance
  • Data Breaches

New wp2shell WordPress Core Flaw Lets Unauthenticated Attackers Run Code

Updated July 18, 2026: the two flaws now carry CVE IDs, the full mechanism has been published, a…
July 17, 2026
  • Data Breaches

OpenSSL HollowByte Flaw Could Freeze Server Memory with 11-Byte TLS Requests

Eleven bytes will make an unpatched OpenSSL server set aside up to 131 KB of memory for a…
July 17, 2026
  • Data Breaches

Seven Malicious Vite npm Packages Use Blockchain C2 to Deliver a RAT

Cybersecurity researchers have discovered a cluster of seven malicious npm packages targeting the Vite frontend tooling ecosystem as…
July 17, 2026
  • Data Breaches

New NadMesh Botnet Hunts Exposed AI Services for Cloud Keys and Kubernetes Tokens

A Go botnet called NadMesh turned up in early July hunting exposed AI services, and the operator’s own…
July 17, 2026
  • Data Breaches

GoldenEyeDog Subgroup Linked to DigiCert Breach and Code-Signing Certificate Theft

Cybersecurity researchers have attributed the April 2026 DigiCert security incident to a threat activity cluster dubbed CylindricalCanine. Expel,…
July 17, 2026
  • Data Breaches

ACR Stealer Uses ClickFix Lures to Steal Browser Tokens and Microsoft 365 Files

ACR Stealer, an infostealer in circulation since 2024, is walking out of enterprise networks with saved browser passwords,…
July 17, 2026
  • Data Breaches

New GoSerpent Malware Targets Southeast Asian Governments and Diplomats for Espionage

Cybersecurity researchers have discovered a previously undocumented malware called GoSerpent that has been put to use in cyber…
July 17, 2026
  • Data Breaches

CISA Adds Exploited SharePoint RCE Zero-Day CVE-2026-58644 to KEV

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a newly patched security flaw impacting Microsoft…
July 17, 2026
  • Data Breaches

Two Scattered Spider Hackers Get 5.5 Years Each for £29 Million TfL Hack

Owen Flowers, 18, and Thalha Jubair, 20, were each sentenced to five and a half years at Woolwich…
July 16, 2026
  • Data Breaches

ThreatsDay: Game Cheat Spyware, 24-Hour Ransomware, Chrome Sync Stalking + 12 More Stories

A lot of this week’s trouble starts with something that looks close enough. A familiar repo. A useful…
July 16, 2026

Posts pagination

1 2 … 134 Next
Featured Posts
  • New wp2shell WordPress Core Flaw Lets Unauthenticated Attackers Run Code

    July 17, 2026
  • OpenSSL HollowByte Flaw Could Freeze Server Memory with 11-Byte TLS Requests

    July 17, 2026
  • Seven Malicious Vite npm Packages Use Blockchain C2 to Deliver a RAT

    July 17, 2026
  • New NadMesh Botnet Hunts Exposed AI Services for Cloud Keys and Kubernetes Tokens

    July 17, 2026
  • GoldenEyeDog Subgroup Linked to DigiCert Breach and Code-Signing Certificate Theft

    July 17, 2026
Recent Posts
  • AI Can Find Bugs, But Human Knowledge Still Proves Them

  • Unpatched Shark Vacuum Flaw Could Let Attackers Control Other Vacuums Region-Wide

Categories
  • Cyber Attacks (5)
  • Data Breaches (1,329)
  • News (4)
  • Technology (3)
  • Vulnerabilities (2)
HackenPost blogs HackenPost blogs
Designed & Developed by Hackenpost
0
99
5
90
12
189
0
0