Dark Reading

Data Tool to Triage Exploited Vulnerabilities Can Make KEV More Useful

KEV Collider combines data from multiple open-source vulnerability frameworks to help cybersecurity teams assess which issues ...
The Hacker News

Notepad++ Hosting Breach Attributed to China-Linked Lotus Blossom Hacking Group

Rapid7 links China-linked Lotus Blossom to a 2025 Notepad++ hosting breach that delivered the Chrysalis backdoor via hijacked updates, fixed in v8.8.9 ...
PCQuest

One command, full recon: Why AutoPentestX matters for Linux pentesters

AutoPentestX is an open-source Linux penetration testing toolkit that automates scanning, CVE mapping, and reporting without unsafe exploitation.

AI-powered cyberattack kits are 'just a matter of time,' warns Google exec

Security chief says criminals are already automating workflows, with full end-to-end tools likely within years ...
Game Rant

ARC Raiders Players Have Found a New Exploit That Gives PC Player an Unfair Advantage

Pam's Colecovision was her babysitter, from the age of 4 or 5, but the family only had one game. Over and over, hour after hour, she'd climb and jump through the three levels of Donkey Kong. But the ...
PC Gamer

Action RPG players will exploit anything in the name of efficiency, which is why Path of Exile 2 players are locking themselves in the campaign for profit

Roguelike Lort devs reluctantly tweak the fantasy roguelike's difficulty after players complain the Risk of Rain 2 successor is too hard: 'You are meant to die and learn how to overcome the challenge' ...
CSOonline

Hackers exploit Microsoft OAuth device codes to hijack enterprise accounts

Cybercriminals and state-sponsored hackers are increasingly exploiting Microsoft’s legitimate OAuth 2.0 device authorization process to hijack enterprise accounts, bypassing multifactor authentication ...
Yahoo

China exploits US-funded research on nuclear technology, a congressional report says

WASHINGTON (AP) — China is exploiting partnerships with U.S. researchers funded by the Department of Energy to provide the Chinese military with access to sensitive nuclear technology and other ...
HHS

Exploit Attempts Surge for React2Shell

Hacker interest is high in a days-old vulnerability in widely used web application framework React, with dozens of organizations already falling victim to it, cybersecurity experts warn. See Also: ...
CoinTelegraph

Anthropic study says AI agents developed $4.6M in smart contract bugs

Commercial AI models were able to autonomously generate real-world smart contract exploits worth millions; the costs of such attacks are falling rapidly. Recent research by major artificial ...
IGN

Arc Raiders Patch Notes Teased a 'Very Hot Fix' for Locked Room Exploits and Now Cheaters Are Getting Cooked

Arc Raiders developer Embark Studios released update 1.4.0 this week, and in the patch notes teased a “very hot fix for the locked room exploits.” It turns out they weren’t kidding. Following the ...
vg247

The latest Arc Raiders patch is almost entirely about fixing exploits, including all the clipping through locked rooms business

A fresh Arc Raiders patch has arrived, bringing a host of new fixes to several exploits players have recently been relying on to do things they’re not supposed to, and bypass certain mechanics to get ...