HackenPost blogs - Page 18 of 122

Data Breaches

North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware

The North Korean threat actors behind the Contagious Interview campaign, also tracked as WaterPlum, have been attributed to…

March 23, 2026

Data Breaches

Microsoft Warns IRS Phishing Hits 29,000 Users, Deploys RMM Malware

Microsoft has warned of fresh campaigns that are capitalizing on the upcoming tax season in the U.S. to…

March 23, 2026

Data Breaches

Trivy Hack Spreads Infostealer via Docker, Triggers Worm and Kubernetes Wiper

Cybersecurity researchers have uncovered malicious artifacts distributed via Docker Hub following the Trivy supply chain attack, highlighting the…

March 23, 2026

Data Breaches

Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems

Threat actors are suspected to be exploiting a maximum-severity security flaw impacting Quest KACE Systems Management Appliance (SMA),…

March 23, 2026

Data Breaches

FBI Warns Russian Hackers Target Signal, WhatsApp in Mass Phishing Attacks

Threat actors affiliated with Russian Intelligence Services are conducting phishing campaigns to compromise commercial messaging applications (CMAs) like…

March 21, 2026

Data Breaches

Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Manager

Oracle has released security updates to address a critical security flaw impacting Identity Manager and Web Services Manager…

March 21, 2026

Data Breaches

CISA Flags Apple, Craft CMS, Laravel Bugs in KEV, Orders Patching by April 3, 2026

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added five security flaws impacting Apple, Craft CMS,…

March 21, 2026

Data Breaches

Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages

The threat actors behind the supply chain attack targeting the popular Trivy scanner are suspected to be conducting…

March 21, 2026

Data Breaches

Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets

Trivy, a popular open-source vulnerability scanner maintained by Aqua Security, was compromised a second time within the span…

March 20, 2026

Data Breaches

Critical Langflow Flaw CVE-2026-33017 Triggers Attacks within 20 Hours of Disclosure

A critical security flaw impacting Langflow has come under active exploitation within 20 hours of public disclosure, highlighting…

March 20, 2026

Hand-Picked Top-Read Stories

Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys

Unpatchable ‘usbliter8’ Exploit Breaks Apple A12 and A13 SecureROM Boot Chain

The Gentlemen RaaS Uses GentleKiller EDR Framework Targeting 400 Security Processes

Trending Tags

North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware

Microsoft Warns IRS Phishing Hits 29,000 Users, Deploys RMM Malware

Trivy Hack Spreads Infostealer via Docker, Triggers Worm and Kubernetes Wiper

Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems

FBI Warns Russian Hackers Target Signal, WhatsApp in Mass Phishing Attacks

Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Manager

CISA Flags Apple, Craft CMS, Laravel Bugs in KEV, Orders Patching by April 3, 2026

Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages

Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets

Critical Langflow Flaw CVE-2026-33017 Triggers Attacks within 20 Hours of Disclosure

Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys

Unpatchable ‘usbliter8’ Exploit Breaks Apple A12 and A13 SecureROM Boot Chain

The Gentlemen RaaS Uses GentleKiller EDR Framework Targeting 400 Security Processes

AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution

Operation Endgame Disrupts SocGholish Servers, Cleans 14,971 WordPress Sites

Salesforce Disables Klue App Integration After OAuth Token Abuse Exposes Customer Data

Apple Patches Beats Studio Buds Flaw Letting Nearby Attackers Spy via Microphone