HackenPost blogs - Page 40 of 122

Data Breaches

Phantom Stealer Spread by ISO Phishing Emails Hitting Russian Finance Sector

Cybersecurity researchers have disclosed details of an active phishing campaign that’s targeting a wide range of sectors in…

December 15, 2025

Data Breaches

VolkLocker Ransomware Exposed by Hard-Coded Master Key Allowing Free Decryption

The pro-Russian hacktivist group known as CyberVolk (aka GLORIAMIST) has resurfaced with a new ransomware-as-a-service (RaaS) offering called…

December 15, 2025

Data Breaches

CISA Adds Actively Exploited Sierra Wireless Router Flaw Enabling RCE Attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a high-severity flaw impacting Sierra Wireless AirLink…

December 13, 2025

Data Breaches

Apple Issues Security Updates After Two WebKit Flaws Found Exploited in the Wild

Apple on Friday released security updates for iOS, iPadOS, macOS, tvOS, watchOS, visionOS, and its Safari web browser…

December 13, 2025

Data Breaches

Fake OSINT and GPT Utility GitHub Repos Spread PyStoreRAT Malware Payloads

Cybersecurity researchers are calling attention to a new campaign that’s leveraging GitHub-hosted Python repositories to distribute a previously…

December 12, 2025

Data Breaches

New Advanced Phishing Kits Use AI and MFA Bypass Tactics to Steal Credentials at Scale

Cybersecurity researchers have documented four new phishing kits named BlackForce, GhostFrame, InboxPrime AI, and Spiderman that are capable…

December 12, 2025

Data Breaches

Securing GenAI in the Browser: Policy, Isolation, and Data Controls That Actually Work

The browser has become the main interface to GenAI for most enterprises: from web-based LLMs and copilots, to…

December 12, 2025

Data Breaches

New React RSC Vulnerabilities Enable DoS and Source Code Exposure

The React team has released fixes for two new types of flaws in React Server Components (RSC) that,…

December 12, 2025

Data Breaches

React2Shell Exploitation Escalates into Large-Scale Global Attacks, Forcing Emergency Mitigation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has urged federal agencies to patch the recent React2Shell vulnerability…

December 12, 2025

Data Breaches

CISA Flags Actively Exploited GeoServer XXE Flaw in Updated KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a high-severity security flaw impacting OSGeo GeoServer…

December 12, 2025

Hand-Picked Top-Read Stories

Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys

Unpatchable ‘usbliter8’ Exploit Breaks Apple A12 and A13 SecureROM Boot Chain

The Gentlemen RaaS Uses GentleKiller EDR Framework Targeting 400 Security Processes

Trending Tags

Phantom Stealer Spread by ISO Phishing Emails Hitting Russian Finance Sector

VolkLocker Ransomware Exposed by Hard-Coded Master Key Allowing Free Decryption

CISA Adds Actively Exploited Sierra Wireless Router Flaw Enabling RCE Attacks

Apple Issues Security Updates After Two WebKit Flaws Found Exploited in the Wild

Fake OSINT and GPT Utility GitHub Repos Spread PyStoreRAT Malware Payloads

New Advanced Phishing Kits Use AI and MFA Bypass Tactics to Steal Credentials at Scale

Securing GenAI in the Browser: Policy, Isolation, and Data Controls That Actually Work

New React RSC Vulnerabilities Enable DoS and Source Code Exposure

React2Shell Exploitation Escalates into Large-Scale Global Attacks, Forcing Emergency Mitigation

CISA Flags Actively Exploited GeoServer XXE Flaw in Updated KEV Catalog

Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys

Unpatchable ‘usbliter8’ Exploit Breaks Apple A12 and A13 SecureROM Boot Chain

The Gentlemen RaaS Uses GentleKiller EDR Framework Targeting 400 Security Processes

AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution

Operation Endgame Disrupts SocGholish Servers, Cleans 14,971 WordPress Sites

Salesforce Disables Klue App Integration After OAuth Token Abuse Exposes Customer Data

Apple Patches Beats Studio Buds Flaw Letting Nearby Attackers Spy via Microphone