HackenPost blogs - Page 7 of 106

Data Breaches

Five Malicious Rust Crates and AI Bot Exploit CI/CD Pipelines to Steal Developer Secrets

Cybersecurity researchers have discovered five malicious Rust crates that masquerade as time-related utilities to transmit .env file data…

March 11, 2026

Data Breaches

How to Stop AI Data Leaks: A Webinar Guide to Auditing Modern Agentic Workflows

Artificial Intelligence (AI) is no longer just a tool we talk to; it is a tool that does…

March 10, 2026

Data Breaches

FortiGate Devices Exploited to Breach Networks and Steal Service Account Credentials

Cybersecurity researchers are calling attention to a new campaign where threat actors are abusing FortiGate Next-Generation Firewall (NGFW)…

March 10, 2026

Data Breaches

Threat Actors Mass-Scan Salesforce Experience Cloud via Modified AuraInspector Tool

Salesforce has warned of an increase in threat actor activity that’s aimed at exploiting misconfigurations in publicly accessible…

March 10, 2026

Data Breaches

CISA Flags SolarWinds, Ivanti, and Workspace One Vulnerabilities as Actively Exploited

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added three security flaws to its Known Exploited…

March 10, 2026

Data Breaches

Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials

Cybersecurity researchers have discovered a malicious npm package that masquerades as an OpenClaw installer to deploy a remote…

March 9, 2026

Data Breaches

UNC4899 Breached Crypto Firm After Developer AirDropped Trojanized File to Work Device

The North Korean threat actor known as UNC4899 is suspected to be behind a sophisticated cloud compromise campaign…

March 9, 2026

Data Breaches

⚡ Weekly Recap: Qualcomm 0-Day, iOS Exploit Chains, AirSnitch Attack & Vibe-Coded Malware

Another week in cybersecurity. Another week of “you’ve got to be kidding me.” Attackers were busy. Defenders were…

March 9, 2026

Data Breaches

Chrome Extension Turns Malicious After Ownership Transfer, Enabling Code Injection and Data Theft

Two Google Chrome extensions have turned malicious after what appears to be a case of ownership transfer, offering…

March 9, 2026

Data Breaches

Web Server Exploits and Mimikatz Used in Attacks Targeting Asian Critical Infrastructure

High-value organizations located in South, Southeast, and East Asia have been targeted by a Chinese threat actor as…

March 9, 2026

Hand-Picked Top-Read Stories

FCC Bans New Foreign-Made Routers Over Supply Chain and Cyber Risk Concerns

TeamPCP Backdoors LiteLLM Versions 1.82.7–1.82.8 via Trivy CI/CD Compromise

Tax Search Ads Deliver ScreenConnect Malware Using Huawei Driver to Disable EDR

Trending Tags

Five Malicious Rust Crates and AI Bot Exploit CI/CD Pipelines to Steal Developer Secrets

How to Stop AI Data Leaks: A Webinar Guide to Auditing Modern Agentic Workflows

FortiGate Devices Exploited to Breach Networks and Steal Service Account Credentials

Threat Actors Mass-Scan Salesforce Experience Cloud via Modified AuraInspector Tool

CISA Flags SolarWinds, Ivanti, and Workspace One Vulnerabilities as Actively Exploited

Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials

UNC4899 Breached Crypto Firm After Developer AirDropped Trojanized File to Work Device

⚡ Weekly Recap: Qualcomm 0-Day, iOS Exploit Chains, AirSnitch Attack & Vibe-Coded Malware

Chrome Extension Turns Malicious After Ownership Transfer, Enabling Code Injection and Data Theft

Web Server Exploits and Mimikatz Used in Attacks Targeting Asian Critical Infrastructure

FCC Bans New Foreign-Made Routers Over Supply Chain and Cyber Risk Concerns

TeamPCP Backdoors LiteLLM Versions 1.82.7–1.82.8 via Trivy CI/CD Compromise

Tax Search Ads Deliver ScreenConnect Malware Using Huawei Driver to Disable EDR

5 Learnings from the First-Ever Gartner Market Guide for Guardian Agents

Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner

The Hidden Cost of Cybersecurity Specialization: Losing Foundational Skills

TeamPCP Hacks Checkmarx GitHub Actions Using Stolen CI Credentials