Dark Reading

Data Tool to Triage Exploited Vulnerabilities Can Make KEV More Useful

KEV Collider combines data from multiple open-source vulnerability frameworks to help cybersecurity teams assess which issues ...
The Hacker News

ThreatsDay Bulletin: Codespaces RCE, AsyncRAT C2, BYOVD Abuse, AI Cloud Intrusions & 15+ Stories

Key cyber updates on ransomware, cloud intrusions, phishing, botnets, supply-chain risks, and nation-state threat activity.
The Hacker News

Notepad++ Hosting Breach Attributed to China-Linked Lotus Blossom Hacking Group

Rapid7 links China-linked Lotus Blossom to a 2025 Notepad++ hosting breach that delivered the Chrysalis backdoor via hijacked updates, fixed in v8.8.9 ...
Security Boulevard

AI-powered penetration testing: Definition, Tools and Process

AI-powered penetration testing is an advanced approach to security testing that uses artificial intelligence, machine learning, and autonomous agents to simulate real-world cyberattacks, identify ...
GitHub

Metasploit Exploit CVE Coverage

This repository provides a daily, automatically updated JSON dataset detailing which exploits within the Metasploit Framework are associated with specific Common Vulnerabilities and Exposures (CVE) ...

AI-powered cyberattack kits are 'just a matter of time,' warns Google exec

Security chief says criminals are already automating workflows, with full end-to-end tools likely within years ...
GitHub

mr-bala-kavi/pentest-metasploitable2

This is a comprehensive penetration testing automation suite designed specifically for testing the Metasploitable2 vulnerable VM in a controlled lab environment. The suite orchestrates a complete ...
SecurityWeek

Exploit for VMware Zero-Day Flaws Likely Built a Year Before Public Disclosure

Fresh attacks targeted three VMware ESXi vulnerabilities that were disclosed in March 2025 as zero-days. A Chinese threat actor built an exploit for three VMware ESXi vulnerabilities that were patched ...