TechCrunch

A suite of government hacking tools targeting iPhones is now being used by cybercriminals

Security researchers have identified a suite of powerful hacking tools capable of compromising iPhones running older software that they say has passed from a government customer into the hands of ...
Wired

A $10K Bounty Awaits Anyone Who Can Hack Ring Cameras to Stop Sharing Data With Amazon

The Fulu Foundation, a nonprofit that pays out bounties for removing user-hostile features, is hunting for a way to keep Ring cameras from sending data to Amazon—without breaking the hardware. The ad ...
IGN

Arc Raiders Players Stunned After Exploit Hotfix Results in Widespread Reports of a New Inventory Glitch

Arc Raiders players have gathered to applaud Embark Studios after it took just one day to tackle new duplication and infinite ammo exploits – even though reports of a new inventory glitch have already ...
CoinTelegraph

Truebit exploit exposes smart-contract flaw behind $26M token mint

Truebit lost $26 million after a smart-contract overflow bug let an attacker mint tokens at near-zero cost, sending the TRU price down 99%. A $26 million exploit of the offline computation protocol ...
PC Gamer

Arc Raiders removes a hidden first-person exploit just 1 day after it was uncovered: 'This feature was never meant to be player-facing'

Third Person Shooter 'Embark better not be giving streamers a pass on cheating': Tfue gets unbanned from Arc Raiders in less than 24 hours, and ordinary raiders aren't happy Third Person Shooter Arc ...
Bleeping Computer

WebRAT malware spread via fake vulnerability exploits on GitHub

The WebRAT malware is now being distributed through GitHub repositories that claim to host proof-of-concept exploits for recently disclosed vulnerabilities. Previously spread through pirated software ...
Forbes

Hack Your Own Password — Windows Users Urged To Take Action Now

When you think of cyberattacks that compromise your account security, maybe you envisage Microsoft zero-day vulnerabilities being exploited in your software, or perhaps a hacker using ...
CSOonline

React2Shell is the Log4j moment for front end development

Attackers have upped the ante in their exploits of a recently-disclosed maximum severity vulnerability in React Server Components (RSC), Next.js, and related frameworks. Attackers initially exploited ...
InfoWorld

Developers urged to immediately upgrade React, Next.js

Critical vulnerability in React library should be treated by IT as they did Log4j - as an emergency, warns one expert. Developers using the React 19 library for building application interfaces are ...
The Chronicle of Higher Education

An Apparent Mass Hack at Penn Exposes Higher Ed’s Security Weaknesses

An apparent mass data breach and document leak have disrupted the University of Pennsylvania over the past five days, sparking a lawsuit and a broader conversation about higher education’s security ...
CoinDesk

Memecoin Launchpad Odin.fun Suffers $7M Liquidity Exploit

Hackers drained 58.2 bitcoin BTC $68,534.82, worth about $7 million, from memecoin launchpad Odin.fun in a sophisticated liquidity manipulation exploit that is being linked to China-based hacking ...