Publicly released exploit code for an effectively unpatched vulnerability that gives root access to virtually all releases of Linux is […]
Category: exploits
UNC6426 Exploits nx npm Supply-Chain Attack to Gain AWS Admin Access in 72 Hours
Ravie LakshmananMar 11, 2026DevSecOps / AI Security A threat actor known as UNC6426 leveraged keys stolen following the supply chain […]
Feds take notice of iOS vulnerabilities exploited under mysterious circumstances
Coruna is also notable for its use by three distinct hacking groups. Google first detected its use in February of […]
Only one percent of vulnerabilities were actually exploited last year
We’re constantly told that the number of vulnerabilities is ever increasing, but a new report from VulnCheck shows that while […]
Admins and defenders gird themselves against maximum-severity server vuln
“I usually don’t say this, but patch right freakin’ now,” one researcher wrote. “The React CVE listing (CVE-2025-55182) is a […]
Fraudulent gambling network may actually be something more nefarious
A sprawling infrastructure that has been bilking unsuspecting people through fraudulent gambling websites for 14 years is likely a dual […]
Adult sites are stashing exploit code inside racy .svg files
The obfuscated code inside an .svg file downloaded from one of the porn sites. Credit: Malwarebytes The obfuscated code inside […]
Fire Ant Exploits VMware Flaws to Compromise ESXi Hosts and vCenter Environments
Jul 24, 2025Ravie LakshmananVirtualization / Network Security Virtualization and networking infrastructure have been targeted by a threat actor codenamed Fire […]
What to know about ToolShell, the SharePoint threat under mass exploitation
Microsoft fixed the vulnerability pair—CVE-2025-49706 and CVE-2025-49704—two weeks ago as part of the company’s monthly update release. As the world […]
Actively exploited vulnerability gives extraordinary control over server fleets
On Wednesday, CISA added CVE-2024-54085 to its list of vulnerabilities known to be exploited in the wild. The notice provided […]