HackenPost blogs - Page 10 of 88

Data Breaches

Hackers Hijack Blender 3D Assets to Deploy StealC V2 Data-Stealing Malware

Cybersecurity researchers have disclosed details of a new campaign that has leveraged Blender Foundation files to deliver an…

November 25, 2025

Data Breaches

CISA Warns of Active Spyware Campaigns Hijacking High-Value Signal and WhatsApp Users

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday issued an alert warning of bad actors actively…

November 25, 2025

Data Breaches

Second Sha1-Hulud Wave Affects 25,000+ Repositories via npm Preinstall Credential Theft

Multiple security vendors are sounding the alarm about a second wave of attacks targeting the npm registry in…

November 24, 2025

Data Breaches

⚡ Weekly Recap: Fortinet Exploit, Chrome 0-Day, BadIIS Malware, Record DDoS, SaaS Breach & More

This week saw a lot of new cyber trouble. Hackers hit Fortinet and Chrome with new 0-day bugs.…

November 24, 2025

Data Breaches

Chinese DeepSeek-R1 AI Generates Insecure Code When Prompts Mention Tibet or Uyghurs

New research from CrowdStrike has revealed that DeepSeek’s artificial intelligence (AI) reasoning model DeepSeek-R1 produces more security vulnerabilities…

November 24, 2025

Data Breaches

ShadowPad Malware Actively Exploits WSUS Vulnerability for Full System Access

A recently patched security flaw in Microsoft Windows Server Update Services (WSUS) has been exploited by threat actors…

November 24, 2025

Data Breaches

China-Linked APT31 Launches Stealthy Cyberattacks on Russian IT Using Cloud Services

The China-linked advanced persistent threat (APT) group known as APT31 has been attributed to cyber attacks targeting the…

November 22, 2025

Data Breaches

Matrix Push C2 Uses Browser Notifications for Fileless, Cross-Platform Phishing Attacks

Bad actors are leveraging browser notifications as a vector for phishing attacks to distribute malicious links by means…

November 22, 2025

Data Breaches

CISA Warns of Actively Exploited Critical Oracle Identity Manager Zero-Day Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a critical security flaw impacting Oracle Identity…

November 22, 2025

Data Breaches

Grafana Patches CVSS 10.0 SCIM Flaw Enabling Impersonation and Privilege Escalation

Grafana has released security updates to address a maximum severity security flaw that could allow privilege escalation or…

November 21, 2025

Hand-Picked Top-Read Stories

New MongoDB Flaw Lets Unauthenticated Attackers Read Uninitialized Memory

Trust Wallet Chrome Extension Breach Caused $7 Million Crypto Loss via Malicious Code

China-Linked Evasive Panda Ran DNS Poisoning Campaign to Deliver MgBot Malware

Trending Tags

Hackers Hijack Blender 3D Assets to Deploy StealC V2 Data-Stealing Malware

CISA Warns of Active Spyware Campaigns Hijacking High-Value Signal and WhatsApp Users

Second Sha1-Hulud Wave Affects 25,000+ Repositories via npm Preinstall Credential Theft

⚡ Weekly Recap: Fortinet Exploit, Chrome 0-Day, BadIIS Malware, Record DDoS, SaaS Breach & More

Chinese DeepSeek-R1 AI Generates Insecure Code When Prompts Mention Tibet or Uyghurs

ShadowPad Malware Actively Exploits WSUS Vulnerability for Full System Access

China-Linked APT31 Launches Stealthy Cyberattacks on Russian IT Using Cloud Services

Matrix Push C2 Uses Browser Notifications for Fileless, Cross-Platform Phishing Attacks

CISA Warns of Actively Exploited Critical Oracle Identity Manager Zero-Day Vulnerability

Grafana Patches CVSS 10.0 SCIM Flaw Enabling Impersonation and Privilege Escalation

New MongoDB Flaw Lets Unauthenticated Attackers Read Uninitialized Memory

Trust Wallet Chrome Extension Breach Caused $7 Million Crypto Loss via Malicious Code

China-Linked Evasive Panda Ran DNS Poisoning Campaign to Deliver MgBot Malware

Critical LangChain Core Vulnerability Exposes Secrets via Serialization Injection

ThreatsDay Bulletin: Stealth Loaders, AI Chatbot Flaws AI Exploits, Docker Hack, and 15 More Stories

LastPass 2022 Breach Led to Years-Long Cryptocurrency Thefts, TRM Labs Finds

Fortinet Warns of Active Exploitation of FortiOS SSL VPN 2FA Bypass Vulnerability