HackenPost blogs - Page 67 of 108

Data Breaches

Hackers Exploit SharePoint Zero-Day Since July 7 to Steal Keys, Maintain Persistent Access

The recently disclosed critical Microsoft SharePoint vulnerability has been under exploitation as early as July 7, 2025, according…

July 22, 2025

Data Breaches

Iran-Linked DCHSpy Android Malware Masquerades as VPN Apps to Spy on Dissidents

Cybersecurity researchers have unearthed new Android spyware artifacts that are likely affiliated with the Iranian Ministry of Intelligence…

July 21, 2025

Data Breaches

⚡ Weekly Recap: SharePoint 0-Day, Chrome Exploit, macOS Spyware, NVIDIA Toolkit RCE and More

Even in well-secured environments, attackers are getting in—not with flashy exploits, but by quietly taking advantage of weak…

July 21, 2025

Data Breaches

Assessing the Role of AI in Zero Trust

By 2025, Zero Trust has evolved from a conceptual framework into an essential pillar of modern security. No…

July 21, 2025

Data Breaches

PoisonSeed Hackers Bypass FIDO Keys Using QR Phishing and Cross-Device Sign-In Abuse

Cybersecurity researchers have disclosed a novel attack technique that allows threat actors to downgrade Fast IDentity Online (FIDO)…

July 21, 2025

Data Breaches

Microsoft Releases Urgent Patch for SharePoint RCE Flaw Exploited in Ongoing Cyber Attacks

Microsoft on Sunday released security patches for an actively exploited security flaw in SharePoint and also disclosed details…

July 21, 2025

Data Breaches

Hard-Coded Credentials Found in HPE Instant On Devices Allow Admin Access

Hewlett-Packard Enterprise (HPE) has released security updates to address a critical security flaw affecting Instant On Access Points…

July 21, 2025

Data Breaches

Critical Unpatched SharePoint Zero-Day Actively Exploited, Breaches 75+ Company Servers

A critical security vulnerability in Microsoft SharePoint Server has been weaponized as part of an “active, large-scale” exploitation…

July 20, 2025

Data Breaches

Malware Injected into 5 npm Packages After Maintainer Tokens Stolen in Phishing Attack

Cybersecurity researchers have alerted to a supply chain attack that has targeted popular npm packages via a phishing…

July 20, 2025

Data Breaches

Hackers Exploit Critical CrushFTP Flaw to Gain Admin Access on Unpatched Servers

A newly disclosed critical security flaw in CrushFTP has come under active exploitation in the wild. Assigned the…

July 20, 2025

Hand-Picked Top-Read Stories

Iran-Linked Hackers Breach FBI Director’s Personal Email, Hit Stryker With Wiper Attack

Citrix NetScaler Under Active Recon for CVE-2026-3055 (CVSS 9.3) Memory Overread Bug

TA446 Deploys DarkSword iOS Exploit Kit in Targeted Spear-Phishing Campaign

Trending Tags

Hackers Exploit SharePoint Zero-Day Since July 7 to Steal Keys, Maintain Persistent Access

Iran-Linked DCHSpy Android Malware Masquerades as VPN Apps to Spy on Dissidents

⚡ Weekly Recap: SharePoint 0-Day, Chrome Exploit, macOS Spyware, NVIDIA Toolkit RCE and More

Assessing the Role of AI in Zero Trust

PoisonSeed Hackers Bypass FIDO Keys Using QR Phishing and Cross-Device Sign-In Abuse

Microsoft Releases Urgent Patch for SharePoint RCE Flaw Exploited in Ongoing Cyber Attacks

Hard-Coded Credentials Found in HPE Instant On Devices Allow Admin Access

Critical Unpatched SharePoint Zero-Day Actively Exploited, Breaches 75+ Company Servers

Malware Injected into 5 npm Packages After Maintainer Tokens Stolen in Phishing Attack

Hackers Exploit Critical CrushFTP Flaw to Gain Admin Access on Unpatched Servers

Iran-Linked Hackers Breach FBI Director’s Personal Email, Hit Stryker With Wiper Attack

Citrix NetScaler Under Active Recon for CVE-2026-3055 (CVSS 9.3) Memory Overread Bug

TA446 Deploys DarkSword iOS Exploit Kit in Targeted Spear-Phishing Campaign

CISA Adds CVE-2025-53521 to KEV After Active F5 BIG-IP APM Exploitation

Apple Sends Lock Screen Alerts to Outdated iPhones Over Active Web-Based Exploits

TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files

We Are At War