HackenPost blogs - Page 81 of 88

Data Breaches

APT29 Deploys GRAPELOADER Malware Targeting European Diplomats Through Wine-Tasting Lures

The Russian state-sponsored threat actor known as APT29 has been linked to an advanced phishing campaign that’s targeting…

April 20, 2025

Data Breaches

Rogue npm Packages Mimic Telegram Bot API to Plant SSH Backdoors on Linux Systems

Cybersecurity researchers have uncovered three malicious packages in the npm registry that masquerade as a popular Telegram bot…

April 19, 2025

Data Breaches

ASUS Confirms Critical Flaw in AiCloud Routers; Users Urged to Update Firmware

ASUS has disclosed a critical security flaw impacting routers with AiCloud enabled that could permit remote attackers to…

April 19, 2025

Data Breaches

Chinese Smishing Kit Powers Widespread Toll Fraud Campaign Targeting U.S. Users in 8 States

Cybersecurity researchers are warning of a “widespread and ongoing” SMS phishing campaign that’s been targeting toll road users…

April 18, 2025

Data Breaches

Multi-Stage Malware Attack Uses .JSE and PowerShell to Deploy Agent Tesla and XLoader

A new multi-stage attack has been observed delivering malware families like Agent Tesla variants, Remcos RAT, and XLoader.…

April 18, 2025

Data Breaches

[Webinar] AI Is Already Inside Your SaaS Stack — Learn How to Prevent the Next Silent Breach

Your employees didn’t mean to expose sensitive data. They just wanted to move faster. So they used ChatGPT…

April 18, 2025

Data Breaches

Experts Uncover New XorDDoS Controller, Infrastructure as Malware Expands to Docker, Linux, IoT

Cybersecurity researchers are warning of continued risks posed by a distributed denial-of-service (DDoS) malware known as XorDDoS, with…

April 18, 2025

Data Breaches

CVE-2025-24054 Under Active Attack—Steals NTLM Credentials on File Download

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a medium-severity security flaw impacting Microsoft Windows…

April 18, 2025

Data Breaches

Mustang Panda Targets Myanmar With StarProxy, EDR Bypass, and TONESHELL Updates

The China-linked threat actor known as Mustang Panda has been attributed to a cyber attack targeting an unspecified…

April 17, 2025

Data Breaches

State-Sponsored Hackers Weaponize ClickFix Tactic in Targeted Malware Campaigns

Multiple state-sponsored hacking groups from Iran, North Korea, and Russia have been found leveraging the increasingly popular ClickFix…

April 17, 2025

Hand-Picked Top-Read Stories

New MongoDB Flaw Lets Unauthenticated Attackers Read Uninitialized Memory

Trust Wallet Chrome Extension Breach Caused $7 Million Crypto Loss via Malicious Code

China-Linked Evasive Panda Ran DNS Poisoning Campaign to Deliver MgBot Malware

Trending Tags

APT29 Deploys GRAPELOADER Malware Targeting European Diplomats Through Wine-Tasting Lures

Rogue npm Packages Mimic Telegram Bot API to Plant SSH Backdoors on Linux Systems

ASUS Confirms Critical Flaw in AiCloud Routers; Users Urged to Update Firmware

Chinese Smishing Kit Powers Widespread Toll Fraud Campaign Targeting U.S. Users in 8 States

Multi-Stage Malware Attack Uses .JSE and PowerShell to Deploy Agent Tesla and XLoader

[Webinar] AI Is Already Inside Your SaaS Stack — Learn How to Prevent the Next Silent Breach

Experts Uncover New XorDDoS Controller, Infrastructure as Malware Expands to Docker, Linux, IoT

CVE-2025-24054 Under Active Attack—Steals NTLM Credentials on File Download

Mustang Panda Targets Myanmar With StarProxy, EDR Bypass, and TONESHELL Updates

State-Sponsored Hackers Weaponize ClickFix Tactic in Targeted Malware Campaigns

New MongoDB Flaw Lets Unauthenticated Attackers Read Uninitialized Memory

Trust Wallet Chrome Extension Breach Caused $7 Million Crypto Loss via Malicious Code

China-Linked Evasive Panda Ran DNS Poisoning Campaign to Deliver MgBot Malware

Critical LangChain Core Vulnerability Exposes Secrets via Serialization Injection

ThreatsDay Bulletin: Stealth Loaders, AI Chatbot Flaws AI Exploits, Docker Hack, and 15 More Stories

LastPass 2022 Breach Led to Years-Long Cryptocurrency Thefts, TRM Labs Finds

Fortinet Warns of Active Exploitation of FortiOS SSL VPN 2FA Bypass Vulnerability