Dark Reading

Data Tool to Triage Exploited Vulnerabilities Can Make KEV More Useful

KEV Collider combines data from multiple open-source vulnerability frameworks to help cybersecurity teams assess which issues ...
The Hacker News

Notepad++ Hosting Breach Attributed to China-Linked Lotus Blossom Hacking Group

Rapid7 links China-linked Lotus Blossom to a 2025 Notepad++ hosting breach that delivered the Chrysalis backdoor via hijacked updates, fixed in v8.8.9 ...
PCQuest

One command, full recon: Why AutoPentestX matters for Linux pentesters

AutoPentestX is an open-source Linux penetration testing toolkit that automates scanning, CVE mapping, and reporting without unsafe exploitation.
Security Boulevard

AI-powered penetration testing: Definition, Tools and Process

AI-powered penetration testing is an advanced approach to security testing that uses artificial intelligence, machine learning, and autonomous agents to simulate real-world cyberattacks, identify ...

AI-powered cyberattack kits are 'just a matter of time,' warns Google exec

Security chief says criminals are already automating workflows, with full end-to-end tools likely within years ...
Game Rant

ARC Raiders Players Have Found a New Exploit That Gives PC Player an Unfair Advantage

Pam's Colecovision was her babysitter, from the age of 4 or 5, but the family only had one game. Over and over, hour after hour, she'd climb and jump through the three levels of Donkey Kong. But the ...
PC Gamer

Action RPG players will exploit anything in the name of efficiency, which is why Path of Exile 2 players are locking themselves in the campaign for profit

MMO After a server glitch, Final Fantasy 11 is dispatching Game Masters to manually assassinate bugged monsters just so the game knows they're really dead: 'God personally stepping in to correct the ...
CSOonline

Hackers exploit Microsoft OAuth device codes to hijack enterprise accounts

Cybercriminals and state-sponsored hackers are increasingly exploiting Microsoft’s legitimate OAuth 2.0 device authorization process to hijack enterprise accounts, bypassing multifactor authentication ...
Yahoo

China exploits US-funded research on nuclear technology, a congressional report says

WASHINGTON (AP) — China is exploiting partnerships with U.S. researchers funded by the Department of Energy to provide the Chinese military with access to sensitive nuclear technology and other ...
Dark Reading

React2Shell Exploits Flood the Internet as Attacks Continue

A torrent of proof-of-concept (PoC) exploits for React2Shell has hit the internet following the vulnerability's disclosure last week, and while security researchers say most are fake, ineffective and ...
Nasdaq

Exploits Appoints Guy Bédard to Board

Veteran Mining Engineer Brings Technical Expertise and Deep Experience in Québec Neither the Canadian Securities Exchange nor its Regulation Service Provider (as the term is defined in the policies of ...
HHS

Exploit Attempts Surge for React2Shell

Hacker interest is high in a days-old vulnerability in widely used web application framework React, with dozens of organizations already falling victim to it, cybersecurity experts warn. See Also: ...