Hackvolt — IT Security News, Cybersecurity & Research & Security Audits

The State of Trusted Open Source Report

NEWSApril 2, 2026020 mins

In December 2025, we shared the first-ever The State of Trusted Open Source report, featuring insights from our product data and customer…

Researchers Uncover Mining Operation Using ISO Lures to Spread RATs and Crypto Miners

NEWSApril 2, 202605 mins

A financially motivated operation codenamed REF1695 has been observed leveraging fake installers to deploy remote access trojans (RATs) and cryptocurrency miners since November 2023. “Beyond…

Apple Expands iOS 18.7.7 Update to More Devices to Block DarkSword Exploit

NEWSApril 2, 202608 mins

Apple on Wednesday expanded the availability of iOS 18.7.7 and iPadOS 18.7.7 to a broader range of devices to protect users from the risk…

Microsoft Warns of WhatsApp-Delivered VBS Malware Hijacking Windows via UAC Bypass

NEWSApril 1, 202604 mins

Microsoft is calling attention to a new campaign that has leveraged WhatsApp messages to distribute malicious Visual Basic Script (VBS)…

3 Reasons Attackers Are Using Your Trusted Tools Against You (And Why You Don’t See It Coming)

NEWSApril 1, 202608 mins

For years, cybersecurity has followed a familiar model: block malware, stop the attack. Now, attackers are moving on to what’s…

Claude Code Source Leaked via npm Packaging Error, Anthropic Confirms

NEWSApril 1, 202608 mins

Anthropic on Tuesday confirmed that internal code for its popular artificial intelligence (AI) coding assistant, Claude Code, had been inadvertently…

TrueConf Zero-Day Exploited in Attacks on Southeast Asian Government Networks

NEWSMarch 31, 202605 mins

A high-severity security flaw in the TrueConf client video conferencing software has been exploited in the wild as a zero-day…

Vertex AI Vulnerability Exposes Google Cloud Data and Private Artifacts

NEWSMarch 31, 202606 mins

Cybersecurity researchers have disclosed a security “blind spot” in Google Cloud’s Vertex AI platform that could allow artificial intelligence (AI)…

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

NEWSMarch 31, 2026010 mins

The popular HTTP client known as Axios has suffered a supply chain attack after two newly published versions of the…

The State of Secrets Sprawl 2026: 9 Takeaways for CISOs

NEWSMarch 30, 2026010 mins

Secrets sprawl isn’t slowing down: in 2025, it accelerated faster than most security teams anticipated. GitGuardian’s State of Secrets Sprawl…

Hackvolt — IT Security News

The State of Trusted Open Source Report

Researchers Uncover Mining Operation Using ISO Lures to Spread RATs and Crypto Miners

Apple Expands iOS 18.7.7 Update to More Devices to Block DarkSword Exploit

Microsoft Warns of WhatsApp-Delivered VBS Malware Hijacking Windows via UAC Bypass

3 Reasons Attackers Are Using Your Trusted Tools Against You (And Why You Don’t See It Coming)

Claude Code Source Leaked via npm Packaging Error, Anthropic Confirms

The State of Trusted Open Source Report

Researchers Uncover Mining Operation Using ISO Lures to Spread RATs and Crypto Miners

Apple Expands iOS 18.7.7 Update to More Devices to Block DarkSword Exploit

Microsoft Warns of WhatsApp-Delivered VBS Malware Hijacking Windows via UAC Bypass

3 Reasons Attackers Are Using Your Trusted Tools Against You (And Why You Don’t See It Coming)

Claude Code Source Leaked via npm Packaging Error, Anthropic Confirms

TrueConf Zero-Day Exploited in Attacks on Southeast Asian Government Networks

Vertex AI Vulnerability Exposes Google Cloud Data and Private Artifacts

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

The State of Secrets Sprawl 2026: 9 Takeaways for CISOs

Three China-Linked Clusters Target Southeast Asian Government in 2025 Cyber Campaign

Google to Verify All Android Developers in 4 Countries to Block Malicious Apps

Why Data Security and Privacy Need to Start in Code

TA446 Deploys Leaked DarkSword iOS Exploit Kit in Targeted Spear-Phishing Campaign

⚡ Weekly Recap: BadCam Attack, WinRAR 0-Day, EDR Killer, NVIDIA Flaws, Ransomware Attacks & More

CISA Adds CVE-2025-53521 to KEV After Active F5 BIG-IP APM Exploitation

CERT Polska Details Coordinated Cyber Attacks on 30+ Wind and Solar Farms

Open VSX Supply Chain Attack Used Compromised Dev Account to Spread GlassWorm

You May Have Missed