Microsoft

StealC and Amadey: Breaking down infostealers and the cybercrime services that deliver them

On June 24, 2026, Microsoft’s Digital Crimes Unit (DCU) facilitated the takedown, suspension, and blocking of domains that ...
The Hacker News

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.
Linux Journal

The Growth of Vulnerability Management: The Rise of Agentic AI Pentesting

Autonomous Agents: Solutions like XBOW provide a more independent experience by allowing the AI to create its own logic or ...
SecurityWeek

No Exploits Required

RunZero’s Tod Beardsley explores why the architecture of modern networks creates security challenges that patches and CVEs ...
CoinTelegraph

Gnosis Pay exploit hits delay module as team pledges refunds

Gnosis Pay faces an active exploit in its delay module as co‑founder Martin Köppelmann walks back a warning urging users to withdraw funds and vows to repay those affected. Update (June 2 at 10:30 am ...
LinkedIn

Metasploit Explained: My Extensive Guide for Beginners and Practitioners

How to use a module in Metasploit Using modules in Metasploit is pretty straightforward. You just have to input use and the specific module name. If you already listed a number of available modules, ...
Dark Reading

AI-Assisted Exploit Development Outpaces Scanner Detection

Attackers have reduced the time to develop an exploit for a known vulnerability from 125 days to a mere half a day, thanks to the use of AI-assisted development, leaving vulnerability scanners ...
CoinTelegraph

Squid and Safe Labs say third-party module behind $3.2M exploit

A third-party module drained about $3 million from Safe wallets, with Squid attributing the incident to an external Safe module, saying its core systems were unaffected. A suspected third-party Safe ...
Ars Technica

Google publishes exploit code threatening millions of Chromium users

Google on Wednesday published exploit code for an unfixed vulnerability in its Chromium browser codebase that threatens millions of people using Chrome, Microsoft Edge, and virtually all other ...
CoinDesk

Thorchain halts trading after $10 million cross-chain exploit, RUNE token drops 12%

Thorchain was exploited for about $10.8 million across four blockchains on Friday, prompting the protocol to halt all trading and signing operations. Wallets linked to the attacker currently hold ...
Ars Technica

Zero-day exploit completely defeats default Windows 11 BitLocker protections

A zero-day exploit circulating online allows people with physical access to a Windows 11 system to bypass default BitLocker protections and gain complete access to an encrypted drive within seconds.
CSOonline

Google discovers weaponized zero-day exploits created with AI

The 2FA bypass exploit stemmed from a faulty trust assumption, providing evidence of AI reasoning that can discover high-level logic flaws. The Google Threat Intelligence Group (GTIG) today released ...