Background In March 2025, cybersecurity researchers disclosed a highly sophisticated targeted attack campaign named “Operation ForumTroll.” Orchestrated by an unidentified state-sponsored APT group, ...
In my previous post, I walked through how disconnected MCP servers and AI agents create a growing blind spot in enterprise ...
A hole in Microsoft Office is being exploited by bad actors, including Russian hackers targeting Ukraine's government.
An authenticated attacker (using the account created in step 1) can execute arbitrary OS commands as root via crafted HTTP requests. By combining these two vulnerabilities, an attacker can go from ...
The Register on MSN
Russia-linked APT28 attackers already abusing new Microsoft Office zero-day
Ukraine’s CERT says the bug went from disclosure to active exploitation in days Russia-linked attackers are already ...
Google on Tuesday revealed that multiple threat actors, including nation-state adversaries and financially motivated groups, are exploiting a now-patched critical security flaw in RARLAB WinRAR to ...
Meanwhile, CVE-2025-8088 can be abused to create booby-trapped archive files that can load malicious computer code into a hacker-selected path on a Windows PC. Antivirus vendor ESET originally ...
This repository provides a daily, automatically updated JSON dataset detailing which exploits within the Metasploit Framework are associated with specific Common Vulnerabilities and Exposures (CVE) ...
Security experts warn all Matcha Meta users to immediately revoke wallet approvals as the SwapNet exploit drains millions, exposing critical vulnerabilities and risks across the DeFi ecosystem. A ...
A coordinated campaign has been observed targeting a recently disclosed critical-severity vulnerability that has been present in the GNU InetUtils telnetd server for 11 years. The security issue is ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results