SecurityWeek

New Paper and Tool Help Security Teams Move Beyond Blind Reliance on CISA’s KEV Catalog

The cybersecurity of business is not the function of CISA. CISA’s remit is to raise the security of FECB agencies, and KEV is ...
The Hacker News

Notepad++ Hosting Breach Attributed to China-Linked Lotus Blossom Hacking Group

Rapid7 links China-linked Lotus Blossom to a 2025 Notepad++ hosting breach that delivered the Chrysalis backdoor via hijacked updates, fixed in v8.8.9 ...
Infosecurity-magazine.com

React2Shell Exploit Campaigns Tied to North Korean Cyber Intrusion Tactics

Security researchers at Sysdig have observed new campaigns exploiting React2Shell which appear to have the hallmarks of North Korean hackers. React2Shell is a remote code execution vulnerability in ...
HHS

Exploit Attempts Surge for React2Shell

Hacker interest is high in a days-old vulnerability in widely used web application framework React, with dozens of organizations already falling victim to it, cybersecurity experts warn. See Also: ...
Wired

How Genes Have Harnessed Physics to Grow Living Things

The same pulling force that causes “tears” in a glass of wine also shapes embryos. It’s another example of how genes exploit mechanical forces for growth and development. Sip a glass of wine, and you ...
CoinDesk

Balancer Hit by Apparent Exploit as $110M in Crypto Moves to New Wallets

Balancer, a decentralized finance (DeFi) protocol with over $750 million in value locked, appears to have been hit by its biggest exploit yet, with on-chain data showing upward of $110 million in ...
PCGamesN

Battlefield 6 dev promises to fix its most ridiculous movement exploit

I've never seen a game launch without a single bug. However, some launches are plagued with more of them than others. Battlefield 6 has got off to a relatively good start, considering the size of the ...
The National Law Review

The AI Cyber Arms Race: Zero-Day Exploits in Minutes!

We collaborate with the world's leading lawyers to deliver news tailored for you. Sign Up for any (or all) of our 25+ Newsletters. Some states have laws and ethical rules regarding solicitation and ...
Android Police

Google patches active Android exploits in its September update

Jay primarily writes news and deals posts for Android Police. Before joining AP, he spent the past several years yammering on about the crazy world of Android for various tech outlets. Besides ...
Ars Technica

What to know about ToolShell, the SharePoint threat under mass exploitation

Government agencies and private industry have been under siege over the past four days following the discovery that a critical vulnerability in SharePoint, the widely used document-sharing app made by ...
CoinTelegraph

Crypto seed phrase, front-end hacks drive record losses in 2025: TRM Labs

Crypto private key exploits and front-end protocol attacks account for 80% of the $2.1 billion worth of crypto that has been stolen so far this year, TRM Labs reports. Crypto private key exploits and ...