News

New Fortinet FortiWeb hacks likely linked to public RCE exploits
Multiple Fortinet FortiWeb instances recently infected with web shells are believed to have been compromised using public ...
Hackers exploit a blind spot by hiding malware inside DNS records
Researchers have known for almost a decade that threat actors sometimes use DNS records to host malicious PowerShell scripts.
Hackers Are Finding New Ways to Hide Malware in DNS Records
Newly published research shows that the domain name system—a fundamental part of the web—can be exploited to hide malicious ...
Google’s Big Sleep Foils Hackers by Spotting SQLite Flaw Before Exploit
Google’s Big Sleep AI agentic system spotted a zero-day SQLite bug after threat signals emerged, preventing hackers from ...
SecurityWeek3d
Train Brakes Can Be Hacked Over Radio—And the Industry Knew for 20 Years
A vulnerability affecting systems named End-of-Train and Head-of-Train can be exploited by hackers to cause trains to brake.
SecurityWeek20h
VMware Flaws That Earned Hackers $340,000 at Pwn2Own Patched
REverse Tactics has been credited by Broadcom for two CVEs: CVE-2025-41237, a critical out-of-bounds write vulnerability that can be exploited by a privileged attacker on a VM to execute arbitrary ...
Arcadia Finance exploited, $3.5M stolen and converted to WETH
Arcadia Finance has been hit by a $2.5 million exploit targeting its Rebalancer contract on Base. The attacker swapped stolen USDC and USDS for Wrapped Ethereum.
Hacker returns stolen funds from $40M GMX exploit
The hacker who stole $40 million from the GMX v1 exchange has begun returning funds after accepting a $5 million white hat ...