HackenPost blogs - Page 23 of 122

Data Breaches

UNC6426 Exploits nx npm Supply-Chain Attack to Gain AWS Admin Access in 72 Hours

A threat actor known as UNC6426 leveraged keys stolen following the supply chain compromise of the nx npm…

March 11, 2026

Data Breaches

Five Malicious Rust Crates and AI Bot Exploit CI/CD Pipelines to Steal Developer Secrets

Cybersecurity researchers have discovered five malicious Rust crates that masquerade as time-related utilities to transmit .env file data…

March 11, 2026

Data Breaches

How to Stop AI Data Leaks: A Webinar Guide to Auditing Modern Agentic Workflows

Artificial Intelligence (AI) is no longer just a tool we talk to; it is a tool that does…

March 10, 2026

Data Breaches

FortiGate Devices Exploited to Breach Networks and Steal Service Account Credentials

Cybersecurity researchers are calling attention to a new campaign where threat actors are abusing FortiGate Next-Generation Firewall (NGFW)…

March 10, 2026

Data Breaches

Threat Actors Mass-Scan Salesforce Experience Cloud via Modified AuraInspector Tool

Salesforce has warned of an increase in threat actor activity that’s aimed at exploiting misconfigurations in publicly accessible…

March 10, 2026

Data Breaches

CISA Flags SolarWinds, Ivanti, and Workspace One Vulnerabilities as Actively Exploited

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added three security flaws to its Known Exploited…

March 10, 2026

Data Breaches

Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials

Cybersecurity researchers have discovered a malicious npm package that masquerades as an OpenClaw installer to deploy a remote…

March 9, 2026

Data Breaches

UNC4899 Breached Crypto Firm After Developer AirDropped Trojanized File to Work Device

The North Korean threat actor known as UNC4899 is suspected to be behind a sophisticated cloud compromise campaign…

March 9, 2026

Data Breaches

⚡ Weekly Recap: Qualcomm 0-Day, iOS Exploit Chains, AirSnitch Attack & Vibe-Coded Malware

Another week in cybersecurity. Another week of “you’ve got to be kidding me.” Attackers were busy. Defenders were…

March 9, 2026

Data Breaches

Chrome Extension Turns Malicious After Ownership Transfer, Enabling Code Injection and Data Theft

Two Google Chrome extensions have turned malicious after what appears to be a case of ownership transfer, offering…

March 9, 2026

Hand-Picked Top-Read Stories

Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys

Unpatchable ‘usbliter8’ Exploit Breaks Apple A12 and A13 SecureROM Boot Chain

The Gentlemen RaaS Uses GentleKiller EDR Framework Targeting 400 Security Processes

Trending Tags

UNC6426 Exploits nx npm Supply-Chain Attack to Gain AWS Admin Access in 72 Hours

Five Malicious Rust Crates and AI Bot Exploit CI/CD Pipelines to Steal Developer Secrets

How to Stop AI Data Leaks: A Webinar Guide to Auditing Modern Agentic Workflows

FortiGate Devices Exploited to Breach Networks and Steal Service Account Credentials

Threat Actors Mass-Scan Salesforce Experience Cloud via Modified AuraInspector Tool

CISA Flags SolarWinds, Ivanti, and Workspace One Vulnerabilities as Actively Exploited

Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials

UNC4899 Breached Crypto Firm After Developer AirDropped Trojanized File to Work Device

⚡ Weekly Recap: Qualcomm 0-Day, iOS Exploit Chains, AirSnitch Attack & Vibe-Coded Malware

Chrome Extension Turns Malicious After Ownership Transfer, Enabling Code Injection and Data Theft

Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys

Unpatchable ‘usbliter8’ Exploit Breaks Apple A12 and A13 SecureROM Boot Chain

The Gentlemen RaaS Uses GentleKiller EDR Framework Targeting 400 Security Processes

AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution

Operation Endgame Disrupts SocGholish Servers, Cleans 14,971 WordPress Sites

Salesforce Disables Klue App Integration After OAuth Token Abuse Exposes Customer Data

Apple Patches Beats Studio Buds Flaw Letting Nearby Attackers Spy via Microphone