HackenPost blogs - Page 42 of 122

Data Breaches

Four Threat Clusters Using CastleLoader as GrayBravo Expands Its Malware Service Infrastructure

Four distinct threat activity clusters have been observed leveraging a malware loader known as CastleLoader, strengthening the previous…

December 9, 2025

Data Breaches

Storm-0249 Escalates Ransomware Attacks with ClickFix, Fileless PowerShell, and DLL Sideloading

The threat actor known as Storm-0249 is likely shifting from its role as an initial access broker to…

December 9, 2025

Data Breaches

STAC6565 Targets Canada in 80% of Attacks as Gold Blade Deploys QWCrypt Ransomware

Canadian organizations have emerged as the focus of a targeted cyber campaign orchestrated by a threat activity cluster…

December 9, 2025

Data Breaches

Researchers Find Malicious VS Code, Go, npm, and Rust Packages Stealing Developer Data

Cybersecurity researchers have discovered two new extensions on Microsoft Visual Studio Code (VS Code) Marketplace that are designed…

December 9, 2025

Data Breaches

Experts Confirm JS#SMUGGLER Uses Compromised Sites to Deploy NetSupport RAT

Cybersecurity researchers are calling attention to a new campaign dubbed JS#SMUGGLER that has been observed leveraging compromised websites…

December 8, 2025

Data Breaches

⚡ Weekly Recap: USB Malware, React2Shell, WhatsApp Worms, AI IDE Bugs & More

It’s been a week of chaos in code and calm in headlines. A bug that broke the internet’s…

December 8, 2025

Data Breaches

How Can Retailers Cyber-Prepare for the Most Vulnerable Time of the Year?

The holiday season compresses risk into a short, high-stakes window. Systems run hot, teams run lean, and attackers…

December 8, 2025

Data Breaches

MuddyWater Deploys UDPGangster Backdoor in Targeted Turkey-Israel-Azerbaijan Campaign

The Iranian hacking group known as MuddyWater has been observed leveraging a new backdoor dubbed UDPGangster that uses…

December 8, 2025

Data Breaches

Researchers Uncover 30+ Flaws in AI Coding Tools Enabling Data Theft and RCE Attacks

Over 30 security vulnerabilities have been disclosed in various artificial intelligence (AI)-powered Integrated Development Environments (IDEs) that combine…

December 6, 2025

Data Breaches

Critical React2Shell Flaw Added to CISA KEV After Confirmed Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday formally added a critical security flaw impacting React…

December 6, 2025

Hand-Picked Top-Read Stories

Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys

Unpatchable ‘usbliter8’ Exploit Breaks Apple A12 and A13 SecureROM Boot Chain

The Gentlemen RaaS Uses GentleKiller EDR Framework Targeting 400 Security Processes

Trending Tags

Four Threat Clusters Using CastleLoader as GrayBravo Expands Its Malware Service Infrastructure

Storm-0249 Escalates Ransomware Attacks with ClickFix, Fileless PowerShell, and DLL Sideloading

STAC6565 Targets Canada in 80% of Attacks as Gold Blade Deploys QWCrypt Ransomware

Researchers Find Malicious VS Code, Go, npm, and Rust Packages Stealing Developer Data

Experts Confirm JS#SMUGGLER Uses Compromised Sites to Deploy NetSupport RAT

⚡ Weekly Recap: USB Malware, React2Shell, WhatsApp Worms, AI IDE Bugs & More

How Can Retailers Cyber-Prepare for the Most Vulnerable Time of the Year?

MuddyWater Deploys UDPGangster Backdoor in Targeted Turkey-Israel-Azerbaijan Campaign

Researchers Uncover 30+ Flaws in AI Coding Tools Enabling Data Theft and RCE Attacks

Critical React2Shell Flaw Added to CISA KEV After Confirmed Active Exploitation

Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys

Unpatchable ‘usbliter8’ Exploit Breaks Apple A12 and A13 SecureROM Boot Chain

The Gentlemen RaaS Uses GentleKiller EDR Framework Targeting 400 Security Processes

AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution

Operation Endgame Disrupts SocGholish Servers, Cleans 14,971 WordPress Sites

Salesforce Disables Klue App Integration After OAuth Token Abuse Exposes Customer Data

Apple Patches Beats Studio Buds Flaw Letting Nearby Attackers Spy via Microphone