Exploit available for new Chrome zero-day vulnerability, says Google

Threat actors now have the ability to exploit a new zero-day vulnerability in the Chrome browser, Google has advised IT ...
HotHardware

Microsoft Office Zero-Day Exploited Days After Emergency Patch, Update ASAP

Microsoft Office is victim to a critical zero-day exploit, and Russian hacker groups are already weaponizing it in destabilizing efforts toward the Ukrainian government. While Westerners and most ...
HotHardware

Millions At Risk As Attackers Exploit This Alarming WinRAR Security Flaw

Remember the WinRAR path handling exploit we reported on back in August? According to Google, that same flaw, officially dubbed CVE-2025-8088, is still being actively exploited, even though versions ...
Kotaku

Steam Game Devs Call Exploit Allegations ‘Clickbait Exaggeration’ And ‘Malicious Defamation’

The developers behind a popular “open source MMO RTS sandbox game for programming enthusiasts” on Steam, named Screeps: World, have been forced to update their game “in order to protect both players” ...
CoinTelegraph

SwapNet exploit drains up to $13.3M from Matcha Meta users

Matcha Meta urged users to revoke one-time approvals for SwapNet’s router contract after a smart-contract vulnerability saw around $13.3 million stolen on the Base blockchain. Update, Jan. 27, 9:15 am ...
The Hacker News

⚡ Weekly Recap: Double-Tap Skimmers, PromptSpy AI, 30Tbps DDoS, Docker Malware & More

Zero-day exploits, AI-driven Android malware, firmware backdoors, password manager trust gaps, rising DDoS define this week’s critical cyber threats.
Android Authority

Finding new Play Store apps used to be frustrating, but this clever tool changes everything

It never fails to amaze me how bad Google is and continues to be at search. For a company that made its bones in this category, its apps lack the ability to adequately help me find what I’m looking ...
Ars Technica

Microsoft releases urgent Office patch. Russian-state hackers pounce.

Russian-state hackers wasted no time exploiting a critical Microsoft Office vulnerability that allowed them to compromise the devices inside diplomatic, maritime, and transport organizations in more ...
Bleeping Computer

WinRAR path traversal flaw still exploited by numerous hackers

Multiple threat actors, both state-sponsored and financially motivated, are exploiting the CVE-2025-8088 high-severity vulnerability in WinRAR for initial access and to deliver various malicious ...
Bleeping Computer

Microsoft patches actively exploited Office zero-day vulnerability

Microsoft has released emergency out-of-band security updates to patch a high-severity Microsoft Office zero-day vulnerability exploited in attacks. The security feature bypass vulnerability, tracked ...
Ars Technica

Notepad++ users take note: It’s time to check if you’re hacked

Infrastructure delivering updates for Notepad++—a widely used text editor for Windows—was compromised for six months by suspected China-state hackers who used their control to deliver backdoored ...
CRN

Microsoft Discloses ‘Extraordinarily High’ Number Of Zero-Day Vulnerabilities: Researcher

The tech giant’s monthly release of security updates fixes six vulnerabilities that are considered actively exploited, according to a Trend Micro threat tracker. Microsoft’s monthly release of ...