HackenPost blogs - Page 13 of 91

Data Breaches

Hackers Hijack Blender 3D Assets to Deploy StealC V2 Data-Stealing Malware

Cybersecurity researchers have disclosed details of a new campaign that has leveraged Blender Foundation files to deliver an…

November 25, 2025

Data Breaches

CISA Warns of Active Spyware Campaigns Hijacking High-Value Signal and WhatsApp Users

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday issued an alert warning of bad actors actively…

November 25, 2025

Data Breaches

Second Sha1-Hulud Wave Affects 25,000+ Repositories via npm Preinstall Credential Theft

Multiple security vendors are sounding the alarm about a second wave of attacks targeting the npm registry in…

November 24, 2025

Data Breaches

⚡ Weekly Recap: Fortinet Exploit, Chrome 0-Day, BadIIS Malware, Record DDoS, SaaS Breach & More

This week saw a lot of new cyber trouble. Hackers hit Fortinet and Chrome with new 0-day bugs.…

November 24, 2025

Data Breaches

Chinese DeepSeek-R1 AI Generates Insecure Code When Prompts Mention Tibet or Uyghurs

New research from CrowdStrike has revealed that DeepSeek’s artificial intelligence (AI) reasoning model DeepSeek-R1 produces more security vulnerabilities…

November 24, 2025

Data Breaches

ShadowPad Malware Actively Exploits WSUS Vulnerability for Full System Access

A recently patched security flaw in Microsoft Windows Server Update Services (WSUS) has been exploited by threat actors…

November 24, 2025

Data Breaches

China-Linked APT31 Launches Stealthy Cyberattacks on Russian IT Using Cloud Services

The China-linked advanced persistent threat (APT) group known as APT31 has been attributed to cyber attacks targeting the…

November 22, 2025

Data Breaches

Matrix Push C2 Uses Browser Notifications for Fileless, Cross-Platform Phishing Attacks

Bad actors are leveraging browser notifications as a vector for phishing attacks to distribute malicious links by means…

November 22, 2025

Data Breaches

CISA Warns of Actively Exploited Critical Oracle Identity Manager Zero-Day Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a critical security flaw impacting Oracle Identity…

November 22, 2025

Data Breaches

Grafana Patches CVSS 10.0 SCIM Flaw Enabling Impersonation and Privilege Escalation

Grafana has released security updates to address a maximum severity security flaw that could allow privilege escalation or…

November 21, 2025

Hand-Picked Top-Read Stories

Google Ties Suspected Russian Actor to CANFAIL Malware Attacks on Ukrainian Orgs

Google Links China, Iran, Russia, North Korea to Coordinated Defense Sector Cyber Operations

UAT-9921 Deploys VoidLink Malware to Target Technology and Financial Sectors

Trending Tags

Hackers Hijack Blender 3D Assets to Deploy StealC V2 Data-Stealing Malware

CISA Warns of Active Spyware Campaigns Hijacking High-Value Signal and WhatsApp Users

Second Sha1-Hulud Wave Affects 25,000+ Repositories via npm Preinstall Credential Theft

⚡ Weekly Recap: Fortinet Exploit, Chrome 0-Day, BadIIS Malware, Record DDoS, SaaS Breach & More

Chinese DeepSeek-R1 AI Generates Insecure Code When Prompts Mention Tibet or Uyghurs

ShadowPad Malware Actively Exploits WSUS Vulnerability for Full System Access

China-Linked APT31 Launches Stealthy Cyberattacks on Russian IT Using Cloud Services

Matrix Push C2 Uses Browser Notifications for Fileless, Cross-Platform Phishing Attacks

CISA Warns of Actively Exploited Critical Oracle Identity Manager Zero-Day Vulnerability

Grafana Patches CVSS 10.0 SCIM Flaw Enabling Impersonation and Privilege Escalation

Google Ties Suspected Russian Actor to CANFAIL Malware Attacks on Ukrainian Orgs

Google Links China, Iran, Russia, North Korea to Coordinated Defense Sector Cyber Operations

UAT-9921 Deploys VoidLink Malware to Target Technology and Financial Sectors

Malicious Chrome Extensions Caught Stealing Business Data, Emails, and Browsing History

npm’s Update to Harden Their Supply Chain, and Points to Consider

Google Reports State-Backed Hackers Using Gemini AI for Recon and Attack Support

Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems