New Mirai campaign exploits RCE flaw in EoL D-Link routers

A new Mirai-based malware campaign is actively exploiting CVE-2025-29635, a high-severity command-injection vulnerability ...

New ‘Pack2TheRoot’ flaw gives hackers root Linux access

A new vulnerability dubbed Pack2TheRoot could be exploited in the PackageKit daemon to allow local Linux users to install or ...
Dark Reading

Exploits Turn Windows Defender Into Attacker Tool

Three proof-of-concept exploits are being used in active attacks against Microsoft's built-in security platform; two are ...
SecurityWeek

Hackers Fail to Exploit Flaw in Discontinued TP-Link Routers

Hackers have been unsuccessfully targeting CVE-2023-33538, a vulnerability in discontinued TP-Link routers, for a year.
Infosecurity Magazine

Attackers Exploit DVR Command Injection Flaw to Deploy Mirai-Based Botnet

FortiGuard Labs has identified a Mirai-based Nexcorium campaign actively exploiting CVE-2024-3721 in TBK DVR devices ...
The Hacker News

Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet

CVE-2024-3721 and CVE-2023-33538 exploited in TBK DVRs and EoL TP-Link routers, enabling Mirai variants and DDoS risk.
The Hacker News

FIRESTARTER Backdoor Hit Federal Cisco Firepower Device, Survives Security Patches

FIRESTARTER backdoor hit Cisco ASA in Sept 2025, persists after patching CVE-2025-20333, risking continued federal network ...

Surveillance vendors caught abusing access to telcos to track people’s phone locations, researchers say

The Citizen Lab found two separate surveillance vendors abusing the backbone of cellular networks to spy on several victims ...

No, McDonald’s AI bot didn’t go rogue, but ‘prompt injection’ is still a risk for companies

Once the bot broke character, users had unrestricted, unpaid access to a premium language model directly through the Amazon ...
InfoWorld

Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure

The CVSS‑9.3 vulnerability allows unauthenticated remote code execution on exposed Marimo servers and was exploited in the wild shortly after disclosure, Sysdig says.
CSO Online

RCE by design: MCP architectural choice haunts AI agent ecosystem

Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who ...
Cryptopolitan

North Korea’s Lazarus Group targets crypto, high-value execs with ‘Mach-O Man’ macOS malware kit

North Korea's Lazarus Group has launched advanced malware targeting macOS devices. Mach-O Man, as it is called, is designed ...