Huntress reports active attacks abusing Gladinet’s fixed cryptographic keys to forge tickets and gain remote code execution ...

In the React2Shell saga, nonworking and trivial proof-of-concept exploits led to a false sense of security. Can the onslaught ...

Over the past week, enterprise security teams observed a combination of covert malware communication attempts and aggressive probing of publicly exposed infrastructure. These incidents, detected ...

Microsoft fixed 56 Windows security flaws, including an actively exploited privilege-escalation bug and two new ...

The 'GhostPairing' vulnerability in WhatsApp enables attackers to seize full control of an account, providing them with ...

As exploitation activity against CVE-2025-55182, researchers are finding some exploits contain bypasses for Web application firewall (WAF) rules.

Human-in-the-loop (HITL) safeguards that AI agents rely on can be subverted, allowing attackers to weaponize them to run ...

A new WhatsApp scam, called GhostPairing, has begun to quietly unsettle cybersecurity researchers as the attack somehow evades the app's most common security me ...

An unpatched zero-day vulnerability in Gogs, a popular self-hosted Git service, has enabled attackers to gain remote code ...

Attackers are exploiting a Flight protocol validation failure that allows them to execute arbitrary code without ...

Vulnerability Detection Authors, Creators & Presenters: Hengkai Ye (The Pennsylvania State University), Hong Hu (The Pennsylvania State University) PAPER Too Subtle to Notice: Investigating Executable ...

Hackers are exploiting a new, undocumented vulnerability in the implementation of the cryptographic algorithm present in ...