HackenPost blogs - Page 65 of 123

Data Breaches

CISA Orders Immediate Patch of Critical Sitecore Vulnerability Under Active Exploitation

Federal Civilian Executive Branch (FCEB) agencies are being advised to update their Sitecore instances by September 25, 2025,…

September 5, 2025

Data Breaches

TAG-150 Develops CastleRAT in Python and C, Expanding CastleLoader Malware Operations

The threat actor behind the malware-as-a-service (MaaS) framework and loader called CastleLoader has also developed a remote access…

September 5, 2025

Data Breaches

SAP S/4HANA Critical Vulnerability CVE-2025-42957 Exploited in the Wild

A critical security vulnerability impacting SAP S/4HANA, an Enterprise Resource Planning (ERP) software, has come under active exploitation…

September 5, 2025

Data Breaches

Automation Is Redefining Pentest Delivery

Pentesting remains one of the most effective ways to identify real-world security weaknesses before adversaries do. But as…

September 5, 2025

Data Breaches

VirusTotal Finds 44 Undetected SVG Files Used to Deploy Base64-Encoded Phishing Pages

Cybersecurity researchers have flagged a new malware campaign that has leveraged Scalable Vector Graphics (SVG) files as part…

September 5, 2025

Data Breaches

Russian APT28 Deploys “NotDoor” Outlook Backdoor Against Companies in NATO Countries

The Russian state-sponsored hacking group tracked as APT28 has been attributed to a new Microsoft Outlook backdoor called…

September 4, 2025

Data Breaches

Cybercriminals Exploit X’s Grok AI to Bypass Ad Protections and Spread Malware to Millions

Cybersecurity researchers have flagged a new technique that cybercriminals have adopted to bypass social media platform X’s malvertising…

September 4, 2025

Data Breaches

Google Fined $379 Million by French Regulator for Cookie Consent Violations

The French data protection authority has fined Google and Chinese e-commerce giant Shein $379 million (€325 million) and…

September 4, 2025

Data Breaches

CISA Flags TP-Link Router Flaws CVE-2023-50224 and CVE-2025-9377 as Actively Exploited

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added two security flaws impacting TP-Link wireless routers…

September 4, 2025

Data Breaches

Malicious npm Packages Exploit Ethereum Smart Contracts to Target Crypto Developers

Cybersecurity researchers have discovered two new malicious packages on the npm registry that make use of smart contracts…

September 3, 2025

Hand-Picked Top-Read Stories

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

WhatsApp VBScript Campaign Uses Fake Documents to Install ManageEngine RMM Tool

OpenAI Expands Daybreak With GPT-5.5-Cyber to Help Defenders Patch Security Flaws

Trending Tags

CISA Orders Immediate Patch of Critical Sitecore Vulnerability Under Active Exploitation

TAG-150 Develops CastleRAT in Python and C, Expanding CastleLoader Malware Operations

SAP S/4HANA Critical Vulnerability CVE-2025-42957 Exploited in the Wild

Automation Is Redefining Pentest Delivery

VirusTotal Finds 44 Undetected SVG Files Used to Deploy Base64-Encoded Phishing Pages

Russian APT28 Deploys “NotDoor” Outlook Backdoor Against Companies in NATO Countries

Cybercriminals Exploit X’s Grok AI to Bypass Ad Protections and Spread Malware to Millions

Google Fined $379 Million by French Regulator for Cookie Consent Violations

CISA Flags TP-Link Router Flaws CVE-2023-50224 and CVE-2025-9377 as Actively Exploited

Malicious npm Packages Exploit Ethereum Smart Contracts to Target Crypto Developers

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

WhatsApp VBScript Campaign Uses Fake Documents to Install ManageEngine RMM Tool

OpenAI Expands Daybreak With GPT-5.5-Cyber to Help Defenders Patch Security Flaws

ShapedPlugin WordPress Pro Plugins Backdoored in Supply Chain Attack

Researchers Detail DifyTap Flaws in Dify That Could Expose AI Chats Across Tenants

Canada’s Spy Agency Used First-of-Its-Kind Warrant to Clean Botnet-Infected Devices

AryStinger Malware Infects 4,300 Legacy Routers to Build Reconnaissance Proxy Network