Critical flaw in Protobuf library enables JavaScript code execution

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used ...

Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face

Hackers are exploiting a critical vulnerability in Marimo reactive Python notebook to deploy a new variant of NKAbuse malware ...
IEEE

Exploit Security for Low-Altitude Economy: A SWIPT-Driven Strategy With UAV-Mounted MF-RIS

Abstract: The low-altitude economy (LAE) is emerging as a critical enabler for next-generation (6G) networks. In this correspondence, we propose a secure and energy-efficient simultaneous wireless ...
TechRepublic

AI Beats Hackers to a Zero-Day Cybersecurity Discovery, Twice

AI Beats Hackers to a Zero-Day Cybersecurity Discovery, Twice Your email has been sent Google’s AI agent Big Sleep identified the critical vulnerability CVE-2025-6965 before cybercriminals could ...
Microsoft

Cookie-controlled PHP webshells: A stealthy tradecraft in Linux hosting environments

Cookie-gated PHP webshells use obfuscation, php-fpm execution, and cron-based persistence to evade detection in Linux hosting environments. This post examines how this tradecraft conceals execution ...
IEEE

Exploit Linux VIM Configuration Backdoor and Mitigation : Strategies to run scripts via a VIM backdoor and mitigation techniques

Abstract: The Vim text editor, due to its significant scripting capabilities (Vimscript) and legitimate features like modeline and autocmd, presents a unique attack surface often overlooked by ...
TechCrunch

A major hacking tool has leaked online, putting millions of iPhones at risk. Here’s what you need to know.

Security researchers have uncovered a series of cyberattacks targeting Apple customers across the world. The tools used in these hacking campaigns have been dubbed Coruna and DarkSword, and they have ...
Dark Reading

Coruna, DarkSword & Democratizing Nation-State Exploit Kits

Coruna, a high-grade mobile exploit kit armed with zero-day vulnerabilities for high-level espionage efforts, turns out to have links to 2023's Operation Triangulation spyware campaign, researchers ...
The Hacker News

Coruna iOS Kit Reuses 2023 Triangulation Exploit Code in Recent Mass Attacks

The kernel exploit for two security vulnerabilities used in the recently uncovered Apple iOS exploit kit known as Coruna is an updated version of the same exploit that was used in the Operation ...
PC Magazine

Update Your iPhone Now: 'DarkSword' Leak Puts Millions at Risk of Hacks

Leaking the code is a double-edged sword; although cybercriminals can quickly adopt it for their own schemes, publicizing the exploit techniques can also force the entire industry to bolster its ...
winbuzzer.com

DarkSword iOS Exploit Leaks on GitHub, Threatens Millions

Security researchers warned this week that an unidentified person leaked DarkSword, a government-grade iOS exploit kit, onto GitHub on March 23, exposing a tool so simple that anyone can deploy it ...
Android Authority

A severe iPhone exploit is now public, and anyone can use it

DarkSword, a serious iPhone exploit kit, just leaked on GitHub. If your device is running iOS 18.4 through 18.7 — or legacy versions 15.8.7 or 16.7.15 — you’re vulnerable. Contacts, messages, call ...