HackenPost blogs - Page 11 of 91

Data Breaches

Researchers Find Malicious VS Code, Go, npm, and Rust Packages Stealing Developer Data

Cybersecurity researchers have discovered two new extensions on Microsoft Visual Studio Code (VS Code) Marketplace that are designed…

December 9, 2025

Data Breaches

Experts Confirm JS#SMUGGLER Uses Compromised Sites to Deploy NetSupport RAT

Cybersecurity researchers are calling attention to a new campaign dubbed JS#SMUGGLER that has been observed leveraging compromised websites…

December 8, 2025

Data Breaches

⚡ Weekly Recap: USB Malware, React2Shell, WhatsApp Worms, AI IDE Bugs & More

It’s been a week of chaos in code and calm in headlines. A bug that broke the internet’s…

December 8, 2025

Data Breaches

How Can Retailers Cyber-Prepare for the Most Vulnerable Time of the Year?

The holiday season compresses risk into a short, high-stakes window. Systems run hot, teams run lean, and attackers…

December 8, 2025

Data Breaches

MuddyWater Deploys UDPGangster Backdoor in Targeted Turkey-Israel-Azerbaijan Campaign

The Iranian hacking group known as MuddyWater has been observed leveraging a new backdoor dubbed UDPGangster that uses…

December 8, 2025

Data Breaches

Researchers Uncover 30+ Flaws in AI Coding Tools Enabling Data Theft and RCE Attacks

Over 30 security vulnerabilities have been disclosed in various artificial intelligence (AI)-powered Integrated Development Environments (IDEs) that combine…

December 6, 2025

Data Breaches

Critical React2Shell Flaw Added to CISA KEV After Confirmed Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday formally added a critical security flaw impacting React…

December 6, 2025

Data Breaches

Zero-Click Agentic Browser Attack Can Delete Entire Google Drive Using Crafted Emails

A new agentic browser attack targeting Perplexity’s Comet browser that’s capable of turning a seemingly innocuous email into…

December 5, 2025

Data Breaches

Critical XXE Bug CVE-2025-66516 (CVSS 10.0) Hits Apache Tika, Requires Urgent Patch

A critical security flaw has been disclosed in Apache Tika that could result in an XML external entity…

December 5, 2025

Data Breaches

ThreatsDay Bulletin: AI Malware, Voice Bot Flaws, Crypto Laundering, IoT Attacks — and 20 More Stories

Hackers have been busy again this week. From fake voice calls and AI-powered malware to huge money-laundering busts…

November 27, 2025

Hand-Picked Top-Read Stories

Google Ties Suspected Russian Actor to CANFAIL Malware Attacks on Ukrainian Orgs

Google Links China, Iran, Russia, North Korea to Coordinated Defense Sector Cyber Operations

UAT-9921 Deploys VoidLink Malware to Target Technology and Financial Sectors

Trending Tags

Researchers Find Malicious VS Code, Go, npm, and Rust Packages Stealing Developer Data

Experts Confirm JS#SMUGGLER Uses Compromised Sites to Deploy NetSupport RAT

⚡ Weekly Recap: USB Malware, React2Shell, WhatsApp Worms, AI IDE Bugs & More

How Can Retailers Cyber-Prepare for the Most Vulnerable Time of the Year?

MuddyWater Deploys UDPGangster Backdoor in Targeted Turkey-Israel-Azerbaijan Campaign

Researchers Uncover 30+ Flaws in AI Coding Tools Enabling Data Theft and RCE Attacks

Critical React2Shell Flaw Added to CISA KEV After Confirmed Active Exploitation

Zero-Click Agentic Browser Attack Can Delete Entire Google Drive Using Crafted Emails

Critical XXE Bug CVE-2025-66516 (CVSS 10.0) Hits Apache Tika, Requires Urgent Patch

ThreatsDay Bulletin: AI Malware, Voice Bot Flaws, Crypto Laundering, IoT Attacks — and 20 More Stories

Google Ties Suspected Russian Actor to CANFAIL Malware Attacks on Ukrainian Orgs

Google Links China, Iran, Russia, North Korea to Coordinated Defense Sector Cyber Operations

UAT-9921 Deploys VoidLink Malware to Target Technology and Financial Sectors

Malicious Chrome Extensions Caught Stealing Business Data, Emails, and Browsing History

npm’s Update to Harden Their Supply Chain, and Points to Consider

Google Reports State-Backed Hackers Using Gemini AI for Recon and Attack Support

Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems