Remember the WinRAR path handling exploit we reported on back in August? According to Google, that same flaw, officially dubbed CVE-2025-8088, is still being actively exploited, even though versions ...

Matcha Meta urged users to revoke one-time approvals for SwapNet’s router contract after a smart-contract vulnerability saw around $13.3 million stolen on the Base blockchain. Update, Jan. 27, 9:15 am ...

The developers behind a popular “open source MMO RTS sandbox game for programming enthusiasts” on Steam, named Screeps: World, have been forced to update their game “in order to protect both players” ...

Saga’s US dollar-pegged stablecoin has dropped to $0.75, while the protocol's total value locked has fallen by around 55% over the past 24 hours. Layer-1 blockchain protocol Saga has paused its ...

As AI gets more heavily integrated into Windows, enhanced cybersecurity is required to prevent it from being used against us. Take Reprompt, for example. Reprompt is a Copilot exploit, that can use ...

Cybercriminals are using are increasingly using a sneaky browser-in-the-browser (BitB) attack technique in efforts to steal login credentials of Facebook users. According to analysis by cybersecurity ...

Fresh attacks targeted three VMware ESXi vulnerabilities that were disclosed in March 2025 as zero-days. A Chinese threat actor built an exploit for three VMware ESXi vulnerabilities that were patched ...

Chinese-speaking threat actors are suspected to have leveraged a compromised SonicWall VPN appliance as an initial access vector to deploy a VMware ESXi exploit that may have been developed as far ...

An OS command injection vulnerability in discontinued D-Link gateway devices has been exploited in the wild as a zero-day. Tracked as CVE-2026-0625 (CVSS score of 9.3), the security defect exists ...

Attackers are actively exploiting a zero-day vulnerability in multiple discontinued D-Link DSL gateway devices to execute arbitrary shell commands on affected products. Most of the gateways under ...

A wallet exploit is draining small amounts from hundreds of crypto wallets. ZachXBT has flagged a suspicious address as losses exceed $107,000 and keep rising. Phishing emails and browser extension ...