HackenPost blogs - Page 34 of 88

Data Breaches

Salesloft OAuth Breach via Drift AI Chat Agent Exposes Salesforce Customer Data

A widespread data theft campaign has allowed hackers to breach sales automation platform Salesloft to steal OAuth and…

August 27, 2025

Data Breaches

Blind Eagle’s Five Clusters Target Colombia Using RATs, Phishing Lures, and Dynamic DNS Infra

Cybersecurity researchers have discovered five distinct activity clusters linked to a persistent threat actor known as Blind Eagle…

August 27, 2025

Data Breaches

MixShell Malware Delivered via Contact Forms Targets U.S. Supply Chain Manufacturers

Cybersecurity researchers are calling attention to a sophisticated social engineering campaign that’s targeting supply chain-critical manufacturing companies with…

August 26, 2025

Data Breaches

ShadowCaptcha Exploits WordPress Sites to Spread Ransomware, Info Stealers, and Crypto Miners

A new large-scale campaign has been observed exploiting over 100 compromised WordPress sites to direct site visitors to…

August 26, 2025

Data Breaches

HOOK Android Trojan Adds Ransomware Overlays, Expands to 107 Remote Commands

Cybersecurity researchers have discovered a new variant of an Android banking trojan called HOOK that features ransomware-style overlay…

August 26, 2025

Data Breaches

Google to Verify All Android Developers in 4 Countries to Block Malicious Apps

Google has announced plans to begin verifying the identity of all developers who distribute apps on Android, even…

August 26, 2025

Data Breaches

⚡ Weekly Recap: Password Manager Flaws, Apple 0-Day, Hidden AI Prompts, In-the-Wild Exploits & More

Cybersecurity today moves at the pace of global politics. A single breach can ripple across supply chains, turn…

August 25, 2025

Data Breaches

Why SIEM Rules Fail and How to Fix Them: Insights from 160 Million Attack Simulations

Security Information and Event Management (SIEM) systems act as the primary tools for detecting suspicious activity in enterprise…

August 25, 2025

Data Breaches

Transparent Tribe Targets Indian Govt With Weaponized Desktop Shortcuts via Phishing

The advanced persistent threat (APT) actor known as Transparent Tribe has been observed targeting both Windows and BOSS…

August 25, 2025

Data Breaches

Malicious Go Module Poses as SSH Brute-Force Tool, Steals Credentials via Telegram Bot

Cybersecurity researchers have discovered a malicious Go module that presents itself as a brute-force tool for SSH but…

August 24, 2025

Hand-Picked Top-Read Stories

MongoDB Vulnerability CVE-2025-14847 Under Active Exploitation Worldwide

27 Malicious npm Packages Used as Phishing Infrastructure to Steal Login Credentials

Traditional Security Frameworks Leave Organizations Exposed to AI-Specific Attack Vectors

Trending Tags

Salesloft OAuth Breach via Drift AI Chat Agent Exposes Salesforce Customer Data

Blind Eagle’s Five Clusters Target Colombia Using RATs, Phishing Lures, and Dynamic DNS Infra

MixShell Malware Delivered via Contact Forms Targets U.S. Supply Chain Manufacturers

ShadowCaptcha Exploits WordPress Sites to Spread Ransomware, Info Stealers, and Crypto Miners

HOOK Android Trojan Adds Ransomware Overlays, Expands to 107 Remote Commands

Google to Verify All Android Developers in 4 Countries to Block Malicious Apps

⚡ Weekly Recap: Password Manager Flaws, Apple 0-Day, Hidden AI Prompts, In-the-Wild Exploits & More

Why SIEM Rules Fail and How to Fix Them: Insights from 160 Million Attack Simulations

Transparent Tribe Targets Indian Govt With Weaponized Desktop Shortcuts via Phishing

Malicious Go Module Poses as SSH Brute-Force Tool, Steals Credentials via Telegram Bot

MongoDB Vulnerability CVE-2025-14847 Under Active Exploitation Worldwide

27 Malicious npm Packages Used as Phishing Infrastructure to Steal Login Credentials

Traditional Security Frameworks Leave Organizations Exposed to AI-Specific Attack Vectors

New MongoDB Flaw Lets Unauthenticated Attackers Read Uninitialized Memory

Trust Wallet Chrome Extension Breach Caused $7 Million Crypto Loss via Malicious Code

China-Linked Evasive Panda Ran DNS Poisoning Campaign to Deliver MgBot Malware

Critical LangChain Core Vulnerability Exposes Secrets via Serialization Injection