Exploitation

ChatGPT Atlas Browser Exploit Lets Attackers Plant Persistent Hidden Commands

Cybersecurity experts have uncovered a serious vulnerability in OpenAI’s ChatGPT Atlas browser, which could let attackers inject malicious commands into the AI assistant’s memory and execute unauthorized code. According to Or Eshed, Co-Founder and CEO of LayerX Security, “This exploit enables cybercriminals to implant harmful code, elevate privileges, or deploy malware on targeted systems,” as […]

ChatGPT Atlas Browser Exploit Lets Attackers Plant Persistent Hidden Commands Read More »

Qilin Ransomware Uses Linux Payload and BYOVD Exploit in Sophisticated Hybrid Attack

Qilin, also tracked as Agenda, Gold Feather, and Water Galura, has become one of the most active ransomware-as-a-service operations since mid-2022. In 2025 the group averaged more than 40 victims per month, peaking at around 100 data-leak posts in June, and reaching 84 victims in both August and September 2025. Cisco Talos data shows significant

Qilin Ransomware Uses Linux Payload and BYOVD Exploit in Sophisticated Hybrid Attack Read More »

Over 706,000 BIND 9 Resolver Instances Exposed Online and Vulnerable to Cache Poisoning, PoC Released

A critical flaw has been uncovered in BIND 9 resolvers, which could allow attackers to poison DNS caches and redirect users to malicious domains. The vulnerability, tracked as CVE-2025-40778, affects more than 706,000 publicly exposed instances worldwide, according to data from internet scanning company Censys. With a CVSS score of 8.6, the bug arises from

Over 706,000 BIND 9 Resolver Instances Exposed Online and Vulnerable to Cache Poisoning, PoC Released Read More »

Newly Patched Critical Microsoft WSUS Vulnerability Actively Exploited

Microsoft has released an urgent out-of-band security update to address a critical vulnerability in Windows Server Update Services (WSUS). This flaw, identified as CVE-2025-59287, has a high CVSS score of 9.8 and is being actively exploited, with a publicly available proof-of-concept (PoC) already circulating. The vulnerability is a remote code execution (RCE) issue affecting WSUS

Newly Patched Critical Microsoft WSUS Vulnerability Actively Exploited Read More »

CISA Confirms Active Exploitation of Critical Lanscope Endpoint Manager Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical vulnerability affecting Motex Lanscope Endpoint Manager to its Known Exploited Vulnerabilities (KEV) catalog. According to the agency, the flaw has been actively exploited in the wild, posing a significant risk to organizations using unpatched versions. Identified as CVE-2025-61932 and rated 9.3 (CVSS

CISA Confirms Active Exploitation of Critical Lanscope Endpoint Manager Vulnerability Read More »

Chinese Threat Actors Exploit ToolShell SharePoint Flaw Shortly After Microsoft’s July Patch

Chinese-linked threat actors have quickly exploited the ToolShell security vulnerability in Microsoft SharePoint, targeting multiple organizations across the globe shortly after Microsoft patched the flaw in July 2025. This series of attacks highlights the speed and sophistication of threat actors in leveraging newly disclosed vulnerabilities for espionage and cybercrime. The initial breach affected a telecommunications

Chinese Threat Actors Exploit ToolShell SharePoint Flaw Shortly After Microsoft’s July Patch Read More »

Azure Apps Vulnerability Allows Attackers to Create Malicious Apps That Impersonate Microsoft Teams

Security researchers have discovered vulnerabilities in Microsoft’s Azure ecosystem that allow attackers to create fraudulent applications that look like official services, including Microsoft Teams and the Azure Portal. Unicode Trick Bypasses Safeguards Varonis identified that Azure’s protection mechanisms, which prevent reserved names in cross-tenant apps, can be circumvented by inserting invisible Unicode characters. Attackers used

Azure Apps Vulnerability Allows Attackers to Create Malicious Apps That Impersonate Microsoft Teams Read More »

Zyxel Authorization Bypass Vulnerability Lets Attackers View and Download System Configurations

A serious security flaw has been discovered in Zyxel’s ATP and USG series network security appliances, enabling attackers to bypass two-factor authentication and access sensitive system configurations without authorization. Identified as CVE-2025-9133, this vulnerability impacts devices running ZLD firmware version 5.40 and was publicly disclosed on October 21, 2025, following a coordinated disclosure. The flaw

Zyxel Authorization Bypass Vulnerability Lets Attackers View and Download System Configurations Read More »

Hackers Abuse ASP.NET Machine Keys to Compromise IIS Servers and Install Malicious Modules

Security researchers have uncovered a widespread campaign where attackers exploited publicly available ASP.NET machine keys to break into Windows IIS web servers, then installed a malicious IIS module to hijack traffic and profit from fake search rankings. The group, tracked as REF3927, leveraged keys published in places like Microsoft documentation and online forums, making many

Hackers Abuse ASP.NET Machine Keys to Compromise IIS Servers and Install Malicious Modules Read More »

Hackers Exploit 34 Zero-Day Flaws and Earn $522,500 at Pwn2Own Ireland 2025

The first day of Pwn2Own Ireland 2025 concluded with remarkable results, as security researchers discovered 34 distinct zero-day vulnerabilities across a variety of smart devices. Every single exploit attempt succeeded, resulting in a total prize payout of $522,500. The event, taking place in Cork, Ireland, from October 21 to 24, brings together elite hackers to

Hackers Exploit 34 Zero-Day Flaws and Earn $522,500 at Pwn2Own Ireland 2025 Read More »