The Hacker News

Hackers Use LinkedIn Messages to Spread RAT Malware Through DLL Sideloading

Researchers found a LinkedIn phishing campaign delivering a remote access trojan via DLL sideloading, WinRAR SFX files, and ...
The Hacker News

China-Linked Hackers Exploit VMware ESXi Zero-Days to Escape Virtual Machines

Researchers found Chinese-linked attackers abused SonicWall VPN access and VMware ESXi zero-day flaws to escape VMs and gain ...

VMware ESXi zero-days likely exploited a year before disclosure

Chinese-speaking threat actors used a compromised SonicWall VPN appliance to deliver a VMware ESXi exploit toolkit that seems to have been developed more than a year before the targeted ...
GamesRadar+

New PS5 and PS4 jailbreak exploits trigger a 1,000% surge in prices for an obscure remaster of the 24-year-old Star Wars Racer Revenge, with copies reaching $300

There have been a variety of developments in the PS5 hacking scene over the past handful of days, and it's all pointing to a happy new year for jailbreakers – and owners of the disc edition of Star ...
CSOonline

Hackers exploit Microsoft OAuth device codes to hijack enterprise accounts

Cybercriminals and state-sponsored hackers are increasingly exploiting Microsoft’s legitimate OAuth 2.0 device authorization process to hijack enterprise accounts, bypassing multifactor authentication ...
Yahoo

China exploits US-funded research on nuclear technology, a congressional report says

WASHINGTON (AP) — China is exploiting partnerships with U.S. researchers funded by the Department of Energy to provide the Chinese military with access to sensitive nuclear technology and other ...
Dark Reading

React2Shell Exploits Flood the Internet as Attacks Continue

A torrent of proof-of-concept (PoC) exploits for React2Shell has hit the internet following the vulnerability's disclosure last week, and while security researchers say most are fake, ineffective and ...
HHS

Exploit Attempts Surge for React2Shell

Hacker interest is high in a days-old vulnerability in widely used web application framework React, with dozens of organizations already falling victim to it, cybersecurity experts warn. See Also: Top ...
GitHub

A list of freely available resources that can be used as a prerequisite before taking OSCE.

Notifications You must be signed in to change notification settings This repository contains a list of freely available resources that can be used as a pre-requisite before enrolling in Offensive ...
CoinTelegraph

Anthropic study says AI agents developed $4.6M in smart contract bugs

Commercial AI models were able to autonomously generate real-world smart contract exploits worth millions; the costs of such attacks are falling rapidly. Recent research by major artificial ...
CoinTelegraph

Balancer releases preliminary post-mortem report after $116M hack

The hack was one of the “most sophisticated” attacks so far in 2025, according to Deddy Lavid, CEO of blockchain security company Cyvers. The team behind decentralized finance (DeFi) protocol Balancer ...
TWCN Tech News

How to disable Exploit Protection in Windows 11

Windows doesn’t offer a single switch to disable Exploit Protection completely. You can only disable individual mitigations system-wide or per app. We strongly recommend turning it off only for ...