HackenPost blogs - Page 11 of 122

Data Breaches

Lazarus Deploys RemotePE Memory-Only RAT Against Financial and Crypto Firms

Cybersecurity researchers have shed light on a cross-platform malware called RemotePE that has been put to use by…

May 25, 2026

Data Breaches

TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO

A new coordinated cross-ecosystem software supply chain attack campaign has targeted npm, PyPI, and Crates.io to distribute credential-stealing…

May 25, 2026

Data Breaches

npm Adds 2FA-Gated Publishing and Package Install Controls Against Supply Chain Attacks

GitHub has rolled out new controls for npm to improve the security of the software supply chain, giving…

May 23, 2026

Data Breaches

Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware

A new “coordinated” supply chain attack campaign has impacted eight packages on Packagist including malicious code designed to…

May 23, 2026

Data Breaches

Claude Mythos AI Finds 10,000 High-Severity Flaws in Widely Used Software

Anthropic on Friday disclosed that Project Glasswing has helped uncover more than 10,000 high- or critical-severity vulnerabilities across…

May 23, 2026

Data Breaches

Laravel-Lang PHP Packages Compromised to Deliver Cross-Platform Credential Stealer

Cybersecurity researchers have flagged a fresh software supply chain attack campaign that has targeted multiple PHP packages belonging…

May 23, 2026

Data Breaches

LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root

A maximum-severity security vulnerability impacting LiteSpeed User-End cPanel Plugin has come under active exploitation in the wild. The…

May 23, 2026

Data Breaches

Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched critical security flaw impacting Drupal…

May 23, 2026

Data Breaches

First VPN Dismantled in Global Takedown Over Use by 25 Ransomware Groups

Authorities in Europe and North America have announced the dismantling of a criminal virtual private network (VPN) service…

May 22, 2026

Data Breaches

Ghostwriter Targets Ukraine Government Entities with Prometheus Phishing Malware

The Belarus-aligned threat actor known as Ghostwriter (aka UAC-0057 and UNC1151) has been observed using lures related to…

May 22, 2026

Hand-Picked Top-Read Stories

Salesforce Disables Klue App Integration After OAuth Token Abuse Exposes Customer Data

Apple Patches Beats Studio Buds Flaw Letting Nearby Attackers Spy via Microphone

F5 Patches Two Critical NGINX Open Source Flaws Enabling Remote Code Execution

Trending Tags

Lazarus Deploys RemotePE Memory-Only RAT Against Financial and Crypto Firms

TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO

npm Adds 2FA-Gated Publishing and Package Install Controls Against Supply Chain Attacks

Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware

Claude Mythos AI Finds 10,000 High-Severity Flaws in Widely Used Software

Laravel-Lang PHP Packages Compromised to Deliver Cross-Platform Credential Stealer

LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root

Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV

First VPN Dismantled in Global Takedown Over Use by 25 Ransomware Groups

Ghostwriter Targets Ukraine Government Entities with Prometheus Phishing Malware

Salesforce Disables Klue App Integration After OAuth Token Abuse Exposes Customer Data

Apple Patches Beats Studio Buds Flaw Letting Nearby Attackers Spy via Microphone

F5 Patches Two Critical NGINX Open Source Flaws Enabling Remote Code Execution

Orphaned AI Agents: How to Find Hidden Access Risks Inside Your Network

ThreatsDay Bulletin: Claude Chat Abuse, NastyC2 npm Packages, Device-Code Phishing + 25 More Stories

Crypto Clipper Campaign Abuses Fake Reviews, AI Narrators, and VirusTotal Comments

Microsoft Confirms RoguePlanet Defender Zero-Day, Says Patch is in Development