The wave of attacks targeting vulnerabilities in Microsoft SharePoint continues to escalate, reaching levels of sophistication and scale not witnessed since the mass infections orchestrated by LockBit. According to Microsoft, the breaches are attributed...
Researchers at CYFIRMA have issued a warning about a new wave of cyberattacks leveraging malicious Android applications disguised as legitimate banking clients. These apps are designed to steal user credentials, intercept messages, and execute...
OpenAI is preparing to unveil its next-generation language model, GPT-5, with the official release expected as early as August. Earlier this year, reports emerged that Microsoft engineers had begun provisioning server infrastructure in anticipation...
ropr ropr is a blazing fast multithreaded ROP Gadget finder What is an ROP Gadget? ROP (Return Oriented Programming) Gadgets are small snippets of a few assembly instructions typically ending in a ret instruction which...
In the first half of 2025, researchers observed the active exploitation of a new malware loader known as CastleLoader. Since its emergence, this tool has become a central element in the distribution infrastructure for...
TerraformGoat TerraformGoat is HuoCorp research lab’s “Vulnerable by Design” multi-cloud deployment tool. Currently, supported cloud vendors include Alibaba Cloud, Tencent Cloud, Huawei Cloud, Amazon Web Services, Google Cloud Platform, and Microsoft Azure. Scenarios ID...
Google is transforming the internet into a storefront of AI-generated summaries—and this shift could spell disaster for the entire digital economy. According to a new study by the Pew Research Center, a mere 1%...
The Leak Zone forum — widely known as a hub for publishing and distributing hacked databases, stolen credentials, and pirated software — has ironically become the source of a major data breach. According to...
Scientists from CERN’s BASE experiment (Baryon Antibaryon Symmetry Experiment) have, for the first time, successfully created and stabilized a quantum bit formed from an antiproton—the antimatter counterpart of the proton, possessing an opposite electric...
An Arizona woman has been sentenced to eight and a half years in prison for operating a covert “laptop farm” from her home, which enabled North Korean IT operatives to impersonate American tech professionals...
Brave Software has decided to block the Windows Recall feature by default in its browser, citing the protection of user privacy as the driving force behind the move. This policy now applies to all...
Six human rights organizations have filed a formal complaint with the European Commission against Alphabet, Google’s parent company, accusing it of violating the Digital Markets Act (DMA)—a cornerstone piece of EU legislation governing the...
pretender pretender is a tool developed by RedTeam Pentesting to obtain machine-in-the-middle positions via spoofed local name resolution and DHCPv6 DNS takeover attacks. pretender primarily targets Windows hosts, as it is intended to be used...
Cervantes is an open-source, collaborative platform designed specifically for pentesters and red teams. It serves as a comprehensive management tool, streamlining the organization of projects, clients, vulnerabilities, and reports in a single, centralized location....
Clorox has filed a lawsuit against the global IT services provider Cognizant, accusing the company of gross negligence that allegedly led to a devastating cyberattack in August 2023. According to the complaint, Cognizant—tasked with...
Amazon was forced to urgently withdraw a compromised version of its AI-powered programming assistant, Q, after a malicious instruction was covertly embedded into the system. This rogue directive prompted the assistant to exploit command-line...
