The hacker contest Pwn2Own Ireland 2025 has concluded. This time, participants earned $1.02 million, demonstrating 73 exploits for zero-day vulnerabilities in popular devices and services. Researchers targeted smartphones, NAS devices, routers, smart home systems, and even Ray-Ban…
Category: News
Phishers scare LastPass users with fake death certificates
The developers of the LastPass password manager warned users about a large-scale phishing campaign that began in mid-October 2025. The attackers are sending emails with fake Emergency Access requests to their password vaults, allegedly tied to users’…
BIND patches serious cache-poisoning vulnerabilities
Experts from the nonprofit organization that maintains Internet infrastructure, the Internet Systems Consortium (ISC), have released updates for the BIND 9 DNS server that fix three serious vulnerabilities. Two of them allow attackers to poison the cache,…
ChatGPT Atlas and Perplexity Comet Are Vulnerable to Sidebar Spoofing
SquareX researchers discovered a vulnerability in the agentic AI browsers ChatGPT Atlas by OpenAI and Comet by Perplexity. The AI Sidebar Spoofing attack allows attackers to spoof the built-in AI assistant sidebar and deliver malicious instructions to…
Microsoft releases emergency patch for Windows Server Update Services (WSUS)
Microsoft has released out-of-band patches for a critical vulnerability in Windows Server Update Services (WSUS), for which a public proof-of-concept exploit is already available. The issue is tracked as CVE-2025-59287 and allows remote code execution on vulnerable…
A vulnerability chain in Oracle VirtualBox enables virtual machine escape
BI.ZONE researchers discovered two vulnerabilities (CVE-2025-62592 and CVE-2025-61760) in Oracle VirtualBox. In combination, these issues allowed an escape from a VirtualBox virtual machine to the ARM-based macOS host system.
TP-Link warns of a critical issue in Omada gateways
TP-Link warns of four critical vulnerabilities in Omada gateways that allow arbitrary command execution and root access. More than ten models in the ER, G, and FR series are affected, and TP-Link has released firmware updates for…
YouTube removed 3,000 videos that spread malware
Google specialists removed from YouTube more than 3,000 videos that distributed infostealers disguised as cracked software and game cheats. Check Point researchers dubbed this campaign YouTube Ghost Network and report that it has been active since 2021,…
Jingle Thief group hacks companies to steal gift cards
Researchers at Palo Alto Networks have uncovered the Jingle Thief hacking group, which targets the cloud infrastructures of retailers and consumer services companies to mass-issue and steal gift cards.
Microsoft disables previews for files downloaded from the internet
The developers have disabled the preview feature in File Explorer (formerly Windows Explorer) for files downloaded from the internet. Now previews are automatically blocked to prevent credential theft via malicious documents.
Baohuo Android backdoor steals Telegram accounts
Analysts at Doctor Web have discovered the Baohuo backdoor (Android.Backdoor.Baohuo.1.origin), hidden in modified versions of the Telegram X messenger. In addition to being able to steal a user’s confidential and account data, as well as chat history,…
AWS Outage Took Down Eight Sleep’s Smart Sleep Systems
This week, a massive Amazon Web Services (AWS) outage knocked out not only half the internet, but also Eight Sleep’s smart sleep systems costing several thousand dollars. Users complained that some were woken by unbearable heat from…
Proposal to bring white‑hat hackers’ work under FSB oversight
Media outlets, citing their own sources, report that a new version of a bill to legalize white-hat hackers is in the works. The Federation Council, the FSB, the Interior Ministry (MVD), and infosec companies are discussing the…
TARmageddon Vulnerability Affects Rust async-tar Library, Enables Remote Code Execution
A critical vulnerability, dubbed TARmageddon, was discovered in the abandoned async-tar library and its forks (including tokio-tar), which allows remote execution of arbitrary code.
Court bans NSO Group from targeting WhatsApp users with Pegasus…
A federal court has ordered the Israeli company NSO Group (developer of the commercial spyware Pegasus) to stop using the spyware to target and attack WhatsApp users.
PassiveNeuron Attacks Servers of Large Organizations in Multiple Countries
Researchers from Kaspersky Lab analyzed a new wave of PassiveNeuron infections that lasted from December 2024 to August 2025. The attacks affected government, financial, and industrial organizations in Asia, Africa, and Latin America. A distinctive feature of…
ColdRiver group uses ClickFix attacks and fake CAPTCHAs
Specialists from the Google Threat Intelligence Group (GTIG) report that the Russian-speaking hacker group ColdRiver is stepping up its activity and employing new malware families (NoRobot, YesRobot, MaybeRobot), which are deployed via complex delivery chains starting with…
Positive Technologies helped fix vulnerabilities in Broadcom network adapter firmware
Positive Labs specialist Alexey Kovrizhnykh helped eliminate two vulnerabilities in the firmware of high-speed network adapters from the American company Broadcom, which are used in servers and data center equipment.
DNS0.EU DNS service shuts down due to lack of time…
This week, the service team replaced all the content on its website with a short announcement about shutting down.
PolarEdge botnet targets Cisco, ASUS, QNAP, and Synology devices
Researchers at Sekoia have examined the inner workings of the PolarEdge botnet. First described by the company’s specialists in February 2025, the malware is linked to a campaign targeting Cisco, ASUS, QNAP, and Synology devices. The devices…