Attack of the killer script kiddies

For decades, this type of no-skill hacker, known as a script kiddie, has wreaked havoc, running scripts they ripped from the ...

New Mirai campaign exploits RCE flaw in EoL D-Link routers

A new Mirai-based malware campaign is actively exploiting CVE-2025-29635, a high-severity command-injection vulnerability ...
Dark Reading

Glasswing Secured the Code. The Rest of Your Stack Is Still on You

Forgotten integrations, shadow IT, SaaS, and now shadow AI and agents are everywhere, and attackers don't need sophisticated ...
Security Boulevard

The Invisible Threat: Business Logic Flaws in Modern Applications and Why Scanners Miss Them

In today's security landscape, some of the most dangerous vulnerabilities aren't flagged by automated scanners at all. These ...

Hackers Are Now Using Microsoft Teams to Breach Company Networks Without Using Any Exploits

A newly identified threat group, UNC6692, has been caught running a sophisticated cyberattack campaign that uses Microsoft ...
Cybernews

750,000 DNN websites in danger: a simple SVG upload can lead to complete compromise

A severe cross-site-scripting (XSS) vulnerability in DNN, a popular open-source content management platform, allows attackers ...
The Hacker News

ThreatsDay Bulletin: $290M DeFi Hack, macOS LotL Abuse, ProxySmart SIM Farms +25 New Stories

ThreatsDay Bulletin: active exploits, supply chain attacks, AI abuse, and stealth data risks observed this week.
The Hacker News

PhantomCore Exploits TrueConf Vulnerabilities to Breach Russian Networks

PhantomCore exploited three TrueConf flaws since September 2025, enabling remote access and lateral movement across Russian ...

GlassWorm malware attacks return via 73 OpenVSX "sleeper" extensions

A new wave of the Glassworm campaign is targeting the OpenVSX ecosystem with 73 "sleeper" extensions that turn malicious ...
Hosted on MSN

New Roblox cheat scripts emerge despite anti-cheat crackdown

Multiple new cheat scripts for popular Roblox games have surfaced online in early 2026, offering automation and exploit features despite Roblox's expansion of automated anti-cheat actions. The tools ...

Open source package with 1 million monthly downloads stole user credentials

Open source software with more than 1 million monthly downloads was compromised after a threat actor exploited a ...