Hackers exploit critical React Native Metro bug to breach dev systems

Hackers are targeting developers by exploiting the critical vulnerability CVE-2025-11953 in the Metro server for React Native ...
The Hacker News

Password Reuse in Disguise: An Often-Missed Risky Workaround

Near-identical password reuse bypasses security policies, enabling attackers to exploit predictable patterns using breached ...

Wave of Citrix NetScaler scans use thousands of residential proxies

A coordinated reconnaissance campaign targeting Citrix NetScaler infrastructure over the past week used tens of thousands of ...
Cyber Defense Magazine

The New Face of Cyber Threats: From Scattered Spider to North Korea’s Phantom Workforce

In today's hyperconnected digital world, the threat landscape has evolved far beyond lone hackers and opportunistic malware.

Your assistant, your machine, your risk: Inside OpenClaw's security challenge

Creator Peter Steinberger is explicit in OpenClaw’s documentation that running an AI agent this close to the operating system comes with serious implications.
TechBooky

Microsoft To Turn Off NTLM By Default In Future Windows

Cyber Security News In order to prioritise more secure Kerberos-based authentication and due to security flaws that leave ...
The Hacker News

Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm Package

Active attacks exploit Metro4Shell (CVE-2025-11953) in React Native CLI to execute commands and deploy Rust malware.

Microsoft Issues Emergency Patch for Active Office Zero-Day

Microsoft released an emergency Office patch to fix an actively exploited zero-day flaw that lets attackers bypass security ...
GovInfoSecurity

Hanging Up on ShinyHunters: Experts Detail Vishing Defenses

Amidst persistent voice phishing campaigns designed to trick employees and steal sensitive corporate data, security experts recommend organizations deploy ...

Google says a WinRAR exploit for Windows is in 'widespread' use by government-backed threat actors 'linked to Russia and China'

Google has warned that well-known and already-patched exploit for the WinRAR file archiving and compression tool for Windows ...
Microsoft

Infostealers without borders: macOS, Python stealers, and platform abuse

How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to distribute credential‑stealing payloads.

Attacks on WinRAR vulnerability continue

Anyone who has WinRAR on their computer should ensure they install the latest version. Google warns of active attacks.