HackenPost blogs - Page 55 of 88

Data Breaches

That Network Traffic Looks Legit, But it Could be Hiding a Serious Threat

With nearly 80% of cyber threats now mimicking legitimate user behavior, how are top SOCs determining what’s legitimate…

July 2, 2025

Data Breaches

Hackers Using PDFs to Impersonate Microsoft, DocuSign, and More in Callback Phishing Campaigns

Cybersecurity researchers are calling attention to phishing campaigns that impersonate popular brands and trick targets into calling phone…

July 2, 2025

Data Breaches

U.S. Sanctions Russian Bulletproof Hosting Provider for Supporting Cybercriminals Behind Ransomware

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has levied sanctions against Russia-based bulletproof…

July 2, 2025

Data Breaches

Vercel’s v0 AI Tool Weaponized by Cybercriminals to Rapidly Create Fake Login Pages at Scale

Unknown threat actors have been observed weaponizing v0, a generative artificial intelligence (AI) tool from Vercel, to design…

July 2, 2025

Data Breaches

Critical Vulnerability in Anthropic’s MCP Exposes Developer Machines to Remote Exploits

Cybersecurity researchers have discovered a critical security vulnerability in artificial intelligence (AI) company Anthropic’s Model Context Protocol (MCP)…

July 1, 2025

Data Breaches

New Flaw in IDEs Like Visual Studio Code Lets Malicious Extensions Bypass Verified Status

A new study of integrated development environments (IDEs) like Microsoft Visual Studio Code, Visual Studio, IntelliJ IDEA, and…

July 1, 2025

Data Breaches

A New Maturity Model for Browser Security: Closing the Last-Mile Risk

Despite years of investment in Zero Trust, SSE, and endpoint protection, many enterprises are still leaving one critical…

July 1, 2025

Data Breaches

Chrome Zero-Day CVE-2025-6554 Under Active Attack — Google Issues Security Update

Google has released security updates to address a vulnerability in its Chrome browser for which an exploit exists…

July 1, 2025

Data Breaches

U.S. Arrests Facilitator in North Korean IT Worker Scheme; Seizes 29 Domains and Raids 21 Laptop Farms

The U.S. Department of Justice (DoJ) on Monday announced sweeping actions targeting the North Korean information technology (IT)…

July 1, 2025

Data Breaches

Microsoft Removes Password Management from Authenticator App Starting August 2025

Microsoft has said that it’s ending support for passwords in its Authenticator app starting August 1, 2025. Microsoft’s…

July 1, 2025

Hand-Picked Top-Read Stories

MongoDB Vulnerability CVE-2025-14847 Under Active Exploitation Worldwide

27 Malicious npm Packages Used as Phishing Infrastructure to Steal Login Credentials

Traditional Security Frameworks Leave Organizations Exposed to AI-Specific Attack Vectors

Trending Tags

That Network Traffic Looks Legit, But it Could be Hiding a Serious Threat

Hackers Using PDFs to Impersonate Microsoft, DocuSign, and More in Callback Phishing Campaigns

U.S. Sanctions Russian Bulletproof Hosting Provider for Supporting Cybercriminals Behind Ransomware

Vercel’s v0 AI Tool Weaponized by Cybercriminals to Rapidly Create Fake Login Pages at Scale

Critical Vulnerability in Anthropic’s MCP Exposes Developer Machines to Remote Exploits

New Flaw in IDEs Like Visual Studio Code Lets Malicious Extensions Bypass Verified Status

A New Maturity Model for Browser Security: Closing the Last-Mile Risk

Chrome Zero-Day CVE-2025-6554 Under Active Attack — Google Issues Security Update

U.S. Arrests Facilitator in North Korean IT Worker Scheme; Seizes 29 Domains and Raids 21 Laptop Farms

Microsoft Removes Password Management from Authenticator App Starting August 2025

MongoDB Vulnerability CVE-2025-14847 Under Active Exploitation Worldwide

27 Malicious npm Packages Used as Phishing Infrastructure to Steal Login Credentials

Traditional Security Frameworks Leave Organizations Exposed to AI-Specific Attack Vectors

New MongoDB Flaw Lets Unauthenticated Attackers Read Uninitialized Memory

Trust Wallet Chrome Extension Breach Caused $7 Million Crypto Loss via Malicious Code

China-Linked Evasive Panda Ran DNS Poisoning Campaign to Deliver MgBot Malware

Critical LangChain Core Vulnerability Exposes Secrets via Serialization Injection