HackenPost blogs - Page 8 of 88 - HACKENPOST FOR YOU

Data Breaches

Researchers Find Malicious VS Code, Go, npm, and Rust Packages Stealing Developer Data

Cybersecurity researchers have discovered two new extensions on Microsoft Visual Studio Code (VS Code) Marketplace that are designed…

December 9, 2025

Data Breaches

Experts Confirm JS#SMUGGLER Uses Compromised Sites to Deploy NetSupport RAT

Cybersecurity researchers are calling attention to a new campaign dubbed JS#SMUGGLER that has been observed leveraging compromised websites…

December 8, 2025

Data Breaches

⚡ Weekly Recap: USB Malware, React2Shell, WhatsApp Worms, AI IDE Bugs & More

It’s been a week of chaos in code and calm in headlines. A bug that broke the internet’s…

December 8, 2025

Data Breaches

How Can Retailers Cyber-Prepare for the Most Vulnerable Time of the Year?

The holiday season compresses risk into a short, high-stakes window. Systems run hot, teams run lean, and attackers…

December 8, 2025

Data Breaches

MuddyWater Deploys UDPGangster Backdoor in Targeted Turkey-Israel-Azerbaijan Campaign

The Iranian hacking group known as MuddyWater has been observed leveraging a new backdoor dubbed UDPGangster that uses…

December 8, 2025

Data Breaches

Researchers Uncover 30+ Flaws in AI Coding Tools Enabling Data Theft and RCE Attacks

Over 30 security vulnerabilities have been disclosed in various artificial intelligence (AI)-powered Integrated Development Environments (IDEs) that combine…

December 6, 2025

Data Breaches

Critical React2Shell Flaw Added to CISA KEV After Confirmed Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday formally added a critical security flaw impacting React…

December 6, 2025

Data Breaches

Zero-Click Agentic Browser Attack Can Delete Entire Google Drive Using Crafted Emails

A new agentic browser attack targeting Perplexity’s Comet browser that’s capable of turning a seemingly innocuous email into…

December 5, 2025

Data Breaches

Critical XXE Bug CVE-2025-66516 (CVSS 10.0) Hits Apache Tika, Requires Urgent Patch

A critical security flaw has been disclosed in Apache Tika that could result in an XML external entity…

December 5, 2025

Data Breaches

ThreatsDay Bulletin: AI Malware, Voice Bot Flaws, Crypto Laundering, IoT Attacks — and 20 More Stories

Hackers have been busy again this week. From fake voice calls and AI-powered malware to huge money-laundering busts…

November 27, 2025

Hand-Picked Top-Read Stories

New MongoDB Flaw Lets Unauthenticated Attackers Read Uninitialized Memory

Trust Wallet Chrome Extension Breach Caused $7 Million Crypto Loss via Malicious Code

China-Linked Evasive Panda Ran DNS Poisoning Campaign to Deliver MgBot Malware

Trending Tags

Researchers Find Malicious VS Code, Go, npm, and Rust Packages Stealing Developer Data

Experts Confirm JS#SMUGGLER Uses Compromised Sites to Deploy NetSupport RAT

⚡ Weekly Recap: USB Malware, React2Shell, WhatsApp Worms, AI IDE Bugs & More

How Can Retailers Cyber-Prepare for the Most Vulnerable Time of the Year?

MuddyWater Deploys UDPGangster Backdoor in Targeted Turkey-Israel-Azerbaijan Campaign

Researchers Uncover 30+ Flaws in AI Coding Tools Enabling Data Theft and RCE Attacks

Critical React2Shell Flaw Added to CISA KEV After Confirmed Active Exploitation

Zero-Click Agentic Browser Attack Can Delete Entire Google Drive Using Crafted Emails

Critical XXE Bug CVE-2025-66516 (CVSS 10.0) Hits Apache Tika, Requires Urgent Patch

ThreatsDay Bulletin: AI Malware, Voice Bot Flaws, Crypto Laundering, IoT Attacks — and 20 More Stories

New MongoDB Flaw Lets Unauthenticated Attackers Read Uninitialized Memory

Trust Wallet Chrome Extension Breach Caused $7 Million Crypto Loss via Malicious Code

China-Linked Evasive Panda Ran DNS Poisoning Campaign to Deliver MgBot Malware

Critical LangChain Core Vulnerability Exposes Secrets via Serialization Injection

ThreatsDay Bulletin: Stealth Loaders, AI Chatbot Flaws AI Exploits, Docker Hack, and 15 More Stories

LastPass 2022 Breach Led to Years-Long Cryptocurrency Thefts, TRM Labs Finds

Fortinet Warns of Active Exploitation of FortiOS SSL VPN 2FA Bypass Vulnerability