Bleeping Computer

WebRAT malware spread via fake vulnerability exploits on GitHub

The WebRAT malware is now being distributed through GitHub repositories that claim to host proof-of-concept exploits for recently disclosed vulnerabilities. Previously spread through pirated software ...
Dark Reading

Threat Actors Exploit Zero-Day in WatchGuard Firebox Devices

A zero-day vulnerability in WatchGuard Firebox firewalls is under active exploitation, marking the latest attacks against edge devices this month. WatchGuard disclosed the vulnerability, tracked as ...
The Conversation

The #iwasfifteen hashtag and ongoing Epstein coverage show how traffickers exploit the vulnerabilities of teens and tweens

Anne P. DePrince has received funding from the Department of Justice, National Institutes of Health, State of Colorado, and University of Denver. She has received honoraria for giving presentations ...
CSOonline

Hackers exploit Microsoft OAuth device codes to hijack enterprise accounts

Cybercriminals and state-sponsored hackers are increasingly exploiting Microsoft’s legitimate OAuth 2.0 device authorization process to hijack enterprise accounts, bypassing multifactor authentication ...
CSOonline

HPE OneView vulnerable to remote code execution attack

An unauthenticated user can execute the attack, and there’s no mitigation, just a hotfix that should be applied immediately. A maximum severity remote code execution vulnerability in Hewlett Packard ...
Bleeping Computer

Critical React2Shell flaw exploited in ransomware attacks

A ransomware gang exploited the critical React2Shell vulnerability (CVE-2025-55182) to gain initial access to corporate networks and deployed the file-encrypting malware less than a minute later.
PC Magazine

Hackers Love Windows 10. Do This One Thing to Keep Them Out

With Windows 10 no longer receiving support, it has become an easy target for hackers. That doesn't mean you have to upgrade immediately—here's how to protect yourself from attacks. When the IBM PC ...