The China-linked hacker group UNC6384 ( also known as Mustang Panda ) is conducting a large-scale cyberespionage campaign targeting European diplomatic and government agencies. According to Arctic Wolf and StrikeReady...
A breakthrough patch fixed a security flaw in the Windows Server Update Service (WSUS), but apparently caused hotpatching to stop working on certain Windows Server 2025 servers. Microsoft Hotpatch is...
OpenAI has unveiled Aardvark, an autonomous assistant based on the GPT-5 model , designed to automatically find and fix vulnerabilities in software code. This AI tool, dubbed a "security research...
Microsoft's Windows 11 updates often contain unexplained bugs, especially patches for new features, such as the recently released KB5067036 . While KB5067036 is an optional update, it introduced a completely...
A new open-source tool, known as HikvisionExploiter, was recently updated. This tool is designed to automate cyberattacks against vulnerable Hikvision IP cameras . Designed to facilitate penetration testing operations, this...
Wordfence is raising the alarm about a large-scale malware campaign in which attackers are exploiting critical vulnerabilities in the popular WordPress plugins GutenKit and Hunk Companion . The company blocked...
Many web applications rely on Apache Tomcat, a widely used open-source Java servlet container. On October 27, 2025, Apache disclosed two vulnerabilities: CVE-2025-55752 and CVE-2025-55754, affecting several versions of Tomcat....
Government hackers breached a nuclear weapons component manufacturing facility in the United States by exploiting vulnerabilities in Microsoft SharePoint. The incident affected the Kansas City National Security Campus (KCNSC) ,...
A global alert has been issued by the United States Cybersecurity and Infrastructure Security Agency (CISA) regarding the active exploitation of a critical remote code execution (RCE) flaw in Microsoft’s...
On the second day of the Pwn2Own Ireland 2025 competition, participants achieved impressive success, discovering 56 new zero-day vulnerabilities and earning a total of $792,750. This is the second phase...
