HackenPost blogs - Page 53 of 88

Data Breaches

Malicious Pull Request Targets 6,000+ Developers via Vulnerable Ethcode VS Code Extension

Cybersecurity researchers have flagged a supply chain attack targeting a Microsoft Visual Studio Code (VS Code) extension called…

July 8, 2025

Data Breaches

5 Ways Identity-based Attacks Are Breaching Retail

From overprivileged admin roles to long-forgotten vendor tokens, these attackers are slipping through the cracks of trust and…

July 8, 2025

Data Breaches

RondoDox Botnet Exploits Flaws in TBK DVRs and Four-Faith Routers to Launch DDoS Attacks

Cybersecurity researchers are calling attention to a malware campaign that’s targeting security flaws in TBK digital video recorders…

July 8, 2025

Data Breaches

BaitTrap: Over 17,000 Fake News Websites Caught Fueling Investment Fraud Globally

A newly released report by cybersecurity firm CTM360 reveals a large-scale scam operation utilizing fake news websites—known as…

July 8, 2025

Data Breaches

Researchers Uncover Batavia Windows Spyware Stealing Documents from Russian Firms

Russian organizations have been targeted as part of an ongoing campaign that delivers a previously undocumented Windows spyware…

July 8, 2025

Data Breaches

⚡ Weekly Recap: Chrome 0-Day, Ivanti Exploits, MacOS Stealers, Crypto Heists and More

Everything feels secure—until one small thing slips through. Even strong systems can break if a simple check is…

July 7, 2025

Data Breaches

Manufacturing Security: Why Default Passwords Must Go

If you didn’t hear about Iranian hackers breaching US water facilities, it’s because they only managed to control a…

July 7, 2025

Data Breaches

TAG-140 Deploys DRAT V2 RAT, Targeting Indian Government, Defense, and Rail Sectors

A hacking group with ties other than Pakistan has been found targeting Indian government organizations with a modified…

July 7, 2025

Data Breaches

Taiwan NSB Alerts Public on Data Risks from TikTok, Weibo, and RedNote Over China Ties

Taiwan’s National Security Bureau (NSB) has warned that China-developed applications like RedNote (aka Xiaohongshu), Weibo, TikTok, WeChat, and…

July 5, 2025

Data Breaches

Alert: Exposed JDWP Interfaces Lead to Crypto Mining, Hpingbot Targets SSH for DDoS

Threat actors are weaponizing exposed Java Debug Wire Protocol (JDWP) interfaces to obtain code execution capabilities and deploy…

July 5, 2025

Hand-Picked Top-Read Stories

MongoDB Vulnerability CVE-2025-14847 Under Active Exploitation Worldwide

27 Malicious npm Packages Used as Phishing Infrastructure to Steal Login Credentials

Traditional Security Frameworks Leave Organizations Exposed to AI-Specific Attack Vectors

Trending Tags

Malicious Pull Request Targets 6,000+ Developers via Vulnerable Ethcode VS Code Extension

5 Ways Identity-based Attacks Are Breaching Retail

RondoDox Botnet Exploits Flaws in TBK DVRs and Four-Faith Routers to Launch DDoS Attacks

BaitTrap: Over 17,000 Fake News Websites Caught Fueling Investment Fraud Globally

Researchers Uncover Batavia Windows Spyware Stealing Documents from Russian Firms

⚡ Weekly Recap: Chrome 0-Day, Ivanti Exploits, MacOS Stealers, Crypto Heists and More

Manufacturing Security: Why Default Passwords Must Go

TAG-140 Deploys DRAT V2 RAT, Targeting Indian Government, Defense, and Rail Sectors

Taiwan NSB Alerts Public on Data Risks from TikTok, Weibo, and RedNote Over China Ties

Alert: Exposed JDWP Interfaces Lead to Crypto Mining, Hpingbot Targets SSH for DDoS

MongoDB Vulnerability CVE-2025-14847 Under Active Exploitation Worldwide

27 Malicious npm Packages Used as Phishing Infrastructure to Steal Login Credentials

Traditional Security Frameworks Leave Organizations Exposed to AI-Specific Attack Vectors

New MongoDB Flaw Lets Unauthenticated Attackers Read Uninitialized Memory

Trust Wallet Chrome Extension Breach Caused $7 Million Crypto Loss via Malicious Code

China-Linked Evasive Panda Ran DNS Poisoning Campaign to Deliver MgBot Malware

Critical LangChain Core Vulnerability Exposes Secrets via Serialization Injection