HackenPost blogs - Page 83 of 124

Data Breaches

Iran-Linked DCHSpy Android Malware Masquerades as VPN Apps to Spy on Dissidents

Cybersecurity researchers have unearthed new Android spyware artifacts that are likely affiliated with the Iranian Ministry of Intelligence…

July 21, 2025

Data Breaches

⚡ Weekly Recap: SharePoint 0-Day, Chrome Exploit, macOS Spyware, NVIDIA Toolkit RCE and More

Even in well-secured environments, attackers are getting in—not with flashy exploits, but by quietly taking advantage of weak…

July 21, 2025

Data Breaches

Assessing the Role of AI in Zero Trust

By 2025, Zero Trust has evolved from a conceptual framework into an essential pillar of modern security. No…

July 21, 2025

Data Breaches

PoisonSeed Hackers Bypass FIDO Keys Using QR Phishing and Cross-Device Sign-In Abuse

Cybersecurity researchers have disclosed a novel attack technique that allows threat actors to downgrade Fast IDentity Online (FIDO)…

July 21, 2025

Data Breaches

Microsoft Releases Urgent Patch for SharePoint RCE Flaw Exploited in Ongoing Cyber Attacks

Microsoft on Sunday released security patches for an actively exploited security flaw in SharePoint and also disclosed details…

July 21, 2025

Data Breaches

Hard-Coded Credentials Found in HPE Instant On Devices Allow Admin Access

Hewlett-Packard Enterprise (HPE) has released security updates to address a critical security flaw affecting Instant On Access Points…

July 21, 2025

Data Breaches

Critical Unpatched SharePoint Zero-Day Actively Exploited, Breaches 75+ Company Servers

A critical security vulnerability in Microsoft SharePoint Server has been weaponized as part of an “active, large-scale” exploitation…

July 20, 2025

Data Breaches

Malware Injected into 5 npm Packages After Maintainer Tokens Stolen in Phishing Attack

Cybersecurity researchers have alerted to a supply chain attack that has targeted popular npm packages via a phishing…

July 20, 2025

Data Breaches

Hackers Exploit Critical CrushFTP Flaw to Gain Admin Access on Unpatched Servers

A newly disclosed critical security flaw in CrushFTP has come under active exploitation in the wild. Assigned the…

July 20, 2025

Data Breaches

China’s Massistant Tool Secretly Extracts SMS, GPS Data, and Images From Confiscated Phones

Cybersecurity researchers have shed light on a mobile forensics tool called Massistant that’s used by law enforcement authorities…

July 18, 2025

Hand-Picked Top-Read Stories

DoJ Seizes Huione Cloud Account Tied to Cyber Scam Money Laundering

Cisco Unified CM Flaw Exploited After PoC Reveals File-Write Path to Root

FortiBleed Targeted FortiGate Firewalls in 110 Million-Credential Harvesting Operation

Trending Tags

Iran-Linked DCHSpy Android Malware Masquerades as VPN Apps to Spy on Dissidents

⚡ Weekly Recap: SharePoint 0-Day, Chrome Exploit, macOS Spyware, NVIDIA Toolkit RCE and More

Assessing the Role of AI in Zero Trust

PoisonSeed Hackers Bypass FIDO Keys Using QR Phishing and Cross-Device Sign-In Abuse

Microsoft Releases Urgent Patch for SharePoint RCE Flaw Exploited in Ongoing Cyber Attacks

Hard-Coded Credentials Found in HPE Instant On Devices Allow Admin Access

Critical Unpatched SharePoint Zero-Day Actively Exploited, Breaches 75+ Company Servers

Malware Injected into 5 npm Packages After Maintainer Tokens Stolen in Phishing Attack

Hackers Exploit Critical CrushFTP Flaw to Gain Admin Access on Unpatched Servers

China’s Massistant Tool Secretly Extracts SMS, GPS Data, and Images From Confiscated Phones

DoJ Seizes Huione Cloud Account Tied to Cyber Scam Money Laundering

Cisco Unified CM Flaw Exploited After PoC Reveals File-Write Path to Root

FortiBleed Targeted FortiGate Firewalls in 110 Million-Credential Harvesting Operation

Fake AI Agent Skill Passed Security Scans and Reportedly Reached 26,000 Agents

Trump Order Sets 2030 Deadline for Federal Post-Quantum Crypto Migration

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

WhatsApp VBScript Campaign Uses Fake Documents to Install ManageEngine RMM Tool