Dark Reading

React2Shell Exploits Flood the Internet as Attacks Continue

A torrent of proof-of-concept (PoC) exploits for React2Shell has hit the internet following the vulnerability's disclosure last week, and while security researchers say most are fake, ineffective and ...
IEEE

AI-Driven Penetration Testing: Automating Exploits with LLMs and Metasploit-A VSFTPD Case Study

Abstract: Penetration testing, a critical cybersecurity practice, is often bottlenecked by manual exploit selection and payload crafting. We propose a novel framework integrating Large Language Models ...
thecyberexpress

Sanctioned Spyware Vendor Used iOS Zero-Day Exploit Chain Against Egyptian Targets

Google Threat Intelligence Group discovered a full iOS zero-day exploit chain deployed in the wild against targets in Egypt, revealing how sanctioned commercial surveillance vendor Intellexa continues ...
Forbes

Ongoing Ransomware Attacks Exploit Linux Vulnerability, CISA Warns

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. Admit it: the first thing you think of when ransomware is ...
PCGamesN

Battlefield 6 dev promises to fix its most ridiculous movement exploit

I've never seen a game launch without a single bug. However, some launches are plagued with more of them than others. Battlefield 6 has got off to a relatively good start, considering the size of the ...
The Hacker News

Cybercriminals Exploit X's Grok AI to Bypass Ad Protections and Spread Malware to Millions

Cybersecurity researchers have flagged a new technique that cybercriminals have adopted to bypass social media platform X's malvertising protections and propagate malicious links using its artificial ...
Bleeping Computer

Fortinet warns of FortiSIEM pre-auth RCE flaw with exploit in the wild

Fortinet is warning about a remote unauthenticated command injection flaw in FortiSIEM that has in-the-wild exploit code, making it critical for admins to apply the latest security updates. FortiSIEM ...
TechRepublic

Apple Patches Zero-Day Exploit Targeting Google Chrome Users

A zero-day exploit targeted Google Chrome users has been patched by Apple. Their latest updates target a variety of devices and operating systems. Image: MR/Adobe Stock Apple recently issued a round ...
Ars Technica

Hackers exploit a blind spot by hiding malware inside DNS records

Hackers are stashing malware in a place that’s largely out of the reach of most defenses—inside domain name system (DNS) records that map domain names to their corresponding numerical IP addresses.
tech2geek

Top 17 Penetration Testing Tools for Ethical Hackers in 2025

In today’s digital landscape, cybersecurity is paramount. With cyber threats evolving at an unprecedented rate, organizations must proactively safeguard their systems and data. One of the most ...
CoinTelegraph

How $220M was stolen in minutes: Understanding the Cetus DEX exploit on Sui

When liquidity attracts attackers: What went wrong on Cetus? On May 22, 2025, Cetus Protocol, the primary decentralized exchange (DEX) on the Sui blockchain, suffered a major hack, marking one of the ...