HackenPost blogs - Page 45 of 112

Data Breaches

Newly Patched Critical Microsoft WSUS Flaw Comes Under Active Exploitation

Microsoft on Thursday released out-of-band security updates to patch a critical-severity Windows Server Update Service (WSUS) vulnerability with…

October 24, 2025

Data Breaches

EvilAI Malware Masquerades as AI Tools to Infiltrate Global Organizations

Threat actors have been observed using seemingly legitimate artificial intelligence (AI) tools and software to sneakily slip malware…

September 29, 2025

Data Breaches

⚡ Weekly Recap: Cisco 0-Day, Record DDoS, LockBit 5.0, BMC Bugs, ShadowV2 Botnet & More

Cybersecurity never stops—and neither do hackers. While you wrapped up last week, new attacks were already underway. From…

September 29, 2025

Data Breaches

The State of AI in the SOC 2025 – Insights from Recent Study

Security leaders are embracing AI for triage, detection engineering, and threat hunting as alert volumes and burnout hit…

September 29, 2025

Data Breaches

Microsoft Flags AI-Driven Phishing: LLM-Crafted SVG Files Outsmart Email Security

Microsoft is calling attention to a new phishing campaign primarily aimed at U.S.-based organizations that has likely utilized…

September 29, 2025

Data Breaches

First Malicious MCP Server Found Stealing Emails in Rogue Postmark-MCP Package

Cybersecurity researchers have discovered what has been described as the first-ever instance of a malicious Model Context Protocol…

September 29, 2025

Data Breaches

China-Linked PlugX and Bookworm Malware Attacks Target Asian Telecom and ASEAN Networks

Telecommunications and manufacturing sectors in Central and South Asian countries have emerged as the target of an ongoing…

September 27, 2025

Data Breaches

Researchers Expose Phishing Threats Distributing CountLoader and PureRAT

A new campaign has been observed impersonating Ukrainian government agencies in phishing attacks to deliver CountLoader, which is…

September 26, 2025

Data Breaches

New COLDRIVER Malware Campaign Joins BO Team and Bearlyfy in Russia-Focused Cyberattacks

The Russian advanced persistent threat (APT) group known as COLDRIVER has been attributed to a fresh round of…

September 26, 2025

Data Breaches

Crash Tests for Security: Why BAS Is Proof of Defense, Not Assumptions

Car makers don’t trust blueprints. They smash prototypes into walls. Again and again. In controlled conditions. Because design…

September 26, 2025

Hand-Picked Top-Read Stories

TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO

npm Adds 2FA-Gated Publishing and Package Install Controls Against Supply Chain Attacks

Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware

Trending Tags

Newly Patched Critical Microsoft WSUS Flaw Comes Under Active Exploitation

EvilAI Malware Masquerades as AI Tools to Infiltrate Global Organizations

⚡ Weekly Recap: Cisco 0-Day, Record DDoS, LockBit 5.0, BMC Bugs, ShadowV2 Botnet & More

The State of AI in the SOC 2025 – Insights from Recent Study

Microsoft Flags AI-Driven Phishing: LLM-Crafted SVG Files Outsmart Email Security

First Malicious MCP Server Found Stealing Emails in Rogue Postmark-MCP Package

China-Linked PlugX and Bookworm Malware Attacks Target Asian Telecom and ASEAN Networks

Researchers Expose Phishing Threats Distributing CountLoader and PureRAT

New COLDRIVER Malware Campaign Joins BO Team and Bearlyfy in Russia-Focused Cyberattacks

Crash Tests for Security: Why BAS Is Proof of Defense, Not Assumptions

TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO

npm Adds 2FA-Gated Publishing and Package Install Controls Against Supply Chain Attacks

Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware

Claude Mythos AI Finds 10,000 High-Severity Flaws in Widely Used Software

Laravel-Lang PHP Packages Compromised to Deliver Cross-Platform Credential Stealer

LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root

Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV