HackenPost blogs - Page 50 of 90

Data Breaches

⚡ Weekly Recap: SharePoint 0-Day, Chrome Exploit, macOS Spyware, NVIDIA Toolkit RCE and More

Even in well-secured environments, attackers are getting in—not with flashy exploits, but by quietly taking advantage of weak…

July 21, 2025

Data Breaches

Assessing the Role of AI in Zero Trust

By 2025, Zero Trust has evolved from a conceptual framework into an essential pillar of modern security. No…

July 21, 2025

Data Breaches

PoisonSeed Hackers Bypass FIDO Keys Using QR Phishing and Cross-Device Sign-In Abuse

Cybersecurity researchers have disclosed a novel attack technique that allows threat actors to downgrade Fast IDentity Online (FIDO)…

July 21, 2025

Data Breaches

Microsoft Releases Urgent Patch for SharePoint RCE Flaw Exploited in Ongoing Cyber Attacks

Microsoft on Sunday released security patches for an actively exploited security flaw in SharePoint and also disclosed details…

July 21, 2025

Data Breaches

Hard-Coded Credentials Found in HPE Instant On Devices Allow Admin Access

Hewlett-Packard Enterprise (HPE) has released security updates to address a critical security flaw affecting Instant On Access Points…

July 21, 2025

Data Breaches

Critical Unpatched SharePoint Zero-Day Actively Exploited, Breaches 75+ Company Servers

A critical security vulnerability in Microsoft SharePoint Server has been weaponized as part of an “active, large-scale” exploitation…

July 20, 2025

Data Breaches

Malware Injected into 5 npm Packages After Maintainer Tokens Stolen in Phishing Attack

Cybersecurity researchers have alerted to a supply chain attack that has targeted popular npm packages via a phishing…

July 20, 2025

Data Breaches

Hackers Exploit Critical CrushFTP Flaw to Gain Admin Access on Unpatched Servers

A newly disclosed critical security flaw in CrushFTP has come under active exploitation in the wild. Assigned the…

July 20, 2025

Data Breaches

China’s Massistant Tool Secretly Extracts SMS, GPS Data, and Images From Confiscated Phones

Cybersecurity researchers have shed light on a mobile forensics tool called Massistant that’s used by law enforcement authorities…

July 18, 2025

Data Breaches

UNG0002 Group Hits China, Hong Kong, Pakistan Using LNK Files and RATs in Twin Campaigns

Multiple sectors in China, Hong Kong, and Pakistan have become the target of a threat activity cluster tracked…

July 18, 2025

Hand-Picked Top-Read Stories

Google Reports State-Backed Hackers Using Gemini AI for Recon and Attack Support

Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems

ThreatsDay Bulletin: AI Prompt RCE, Claude 0-Click, RenEngine Loader, Auto 0-Days & 25+ Stories

Trending Tags

⚡ Weekly Recap: SharePoint 0-Day, Chrome Exploit, macOS Spyware, NVIDIA Toolkit RCE and More

Assessing the Role of AI in Zero Trust

PoisonSeed Hackers Bypass FIDO Keys Using QR Phishing and Cross-Device Sign-In Abuse

Microsoft Releases Urgent Patch for SharePoint RCE Flaw Exploited in Ongoing Cyber Attacks

Hard-Coded Credentials Found in HPE Instant On Devices Allow Admin Access

Critical Unpatched SharePoint Zero-Day Actively Exploited, Breaches 75+ Company Servers

Malware Injected into 5 npm Packages After Maintainer Tokens Stolen in Phishing Attack

Hackers Exploit Critical CrushFTP Flaw to Gain Admin Access on Unpatched Servers

China’s Massistant Tool Secretly Extracts SMS, GPS Data, and Images From Confiscated Phones

UNG0002 Group Hits China, Hong Kong, Pakistan Using LNK Files and RATs in Twin Campaigns

Google Reports State-Backed Hackers Using Gemini AI for Recon and Attack Support

Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems

ThreatsDay Bulletin: AI Prompt RCE, Claude 0-Click, RenEngine Loader, Auto 0-Days & 25+ Stories

The CTEM Divide: Why 84% of Security Programs Are Falling Behind

83% of Ivanti EPMM Exploits Linked to Single IP on Bulletproof Hosting Infrastructure

Apple Fixes Exploited Zero-Day Affecting iOS, macOS, and Apple Devices

First Malicious Outlook Add-In Found Stealing 4,000+ Microsoft Credentials