The Hacker News

Researchers Null-Route Over 550 Kimwolf and Aisuru Botnet Command Servers

The Kimwolf botnet compromised more than 2 million Android devices, turning them into residential proxies for DDoS attacks and traffic abuse.

A single click mounted a covert, multistage attack against Copilot

Microsoft has fixed a vulnerability in its Copilot AI assistant that allowed hackers to pluck a host of sensitive user data ...
The Hacker News

Long-Running Web Skimming Campaign Steals Credit Cards From Online Checkout Pages

Magecart web skimming campaign active since 2022 stealing credit card and personal data from compromised e-commerce checkout ...
SecurityWeek

GoBruteforcer Botnet Targeting Crypto, Blockchain Projects

GoBruteforcer botnet fueled by server deployments with weak credentials and legacy web is targeting cryptocurrency and ...
GitHub

ESP8266/ESP32 UMTX2 Jailbreak Host for PlayStation 5 (FW 1.00–5.50)

Lightweight web server for ESP8266/ESP32 boards that hosts the PlayStation 5 UMTX2 Jailbreak for firmware versions 1.00–5.50, with minor modifications to enable caching, data compression and access to ...
IEEE

A Web Protection Model Against Internationalized Domain Name Homograph Exploits

Abstract: Internationalized Domain Names (IDNs) enhance global accessibility by supporting Unicode characters in web addresses. However, this capability introduces new security vulnerabilities, ...
Associated Press

China exploits US-funded research on nuclear technology, a congressional report says

Copyright 2026 The Associated Press. All Rights Reserved. Copyright 2026 The Associated Press. All Rights Reserved. Flags of the U.S. and China are displayed at the ...
Dark Reading

React2Shell Exploits Flood the Internet as Attacks Continue

A torrent of proof-of-concept (PoC) exploits for React2Shell has hit the internet following the vulnerability's disclosure last week, and while security researchers say most are fake, ineffective and ...
acm.org

The Dangers of Zero-Day Exploits

“It’s mine! I saw it first!” That’s what you might expect to hear from a child who’s found money or a toy, and it’s how cybercriminals respond to finding zero-day vulnerabilities, or holes in networks ...
Infosecurity-magazine.com

React2Shell Exploit Campaigns Tied to North Korean Cyber Intrusion Tactics

Security researchers at Sysdig have observed new campaigns exploiting React2Shell which appear to have the hallmarks of North Korean hackers. React2Shell is a remote code execution vulnerability in ...
SecurityWeek

Exploitation of React2Shell Surges

An increasing number of threat actors have been attempting to exploit the React vulnerability CVE-2025-55182 in their attacks. An increasing number of threat actors have been attempting to exploit the ...
IEEE

AI-Driven Penetration Testing: Automating Exploits with LLMs and Metasploit-A VSFTPD Case Study

Abstract: Penetration testing, a critical cybersecurity practice, is often bottlenecked by manual exploit selection and payload crafting. We propose a novel framework integrating Large Language Models ...