StealC hackers hacked as researchers hijack malware control panels

A cross-site scripting (XSS) flaw in the web-based control panel used by operators of the StealC info-stealing malware ...
GovInfoSecurity

Flaw in AI Libraries Exposes Models to Remote Code Execution

Researchers discovered remote code execution vulnerabilities in three AI libraries from Apple, Salesforce and Nvidia used by ...

A single click mounted a covert, multistage attack against Copilot

Microsoft has fixed a vulnerability in its Copilot AI assistant that allowed hackers to pluck a host of sensitive user data ...
GamesRadar+

New PS5 and PS4 jailbreak exploits trigger a 1,000% surge in prices for an obscure remaster of the 24-year-old Star Wars Racer Revenge, with copies reaching $300

There have been a variety of developments in the PS5 hacking scene over the past handful of days, and it's all pointing to a happy new year for jailbreakers – and owners of the disc edition of Star ...
PC Gamer

Action RPG players will exploit anything in the name of efficiency, which is why Path of Exile 2 players are locking themselves in the campaign for profit

Third Person Shooter Do I regret yeeting my blueprints and loot-filled stash into Arc Raiders Expedition? No, it actually made the game fun again RPG Baldur's Gate 3's lead writer hopes we won't want ...
Hosted on MSN

Gnosis Chain undergoes hard fork to recover $9.4 million frozen amid Balancer V2 exploit

Gnosis Chain has confirmed that it has executed a hard fork to recover approximately $9.4 million in funds frozen following the November 2025 Balancer V2 exploit. The hard fork activated on December ...
WVEC

Scammers exploit holidays to target Dominion Energy customers with payment threats

NORFOLK, Va. — Scammers are targeting Dominion Energy customers as the holidays get closer. Right around Thanksgiving and Christmas, the call rate for utility scams often skyrockets. Cherise Newsome, ...
Forbes

iOS 26.2—Update Now Warning Issued To All iPhone Users

Screenshot iOS 26.2 fixes 26 flaws in Apple’s iOS software, two of which are already being used in real-life attacks. Update Dec. 14: This article, originally published on Dec. 13, has been updated to ...
Dark Reading

React2Shell Exploits Flood the Internet as Attacks Continue

A torrent of proof-of-concept (PoC) exploits for React2Shell has hit the internet following the vulnerability's disclosure last week, and while security researchers say most are fake, ineffective and ...
Infosecurity-magazine.com

React2Shell Exploit Campaigns Tied to North Korean Cyber Intrusion Tactics

Security researchers at Sysdig have observed new campaigns exploiting React2Shell which appear to have the hallmarks of North Korean hackers. React2Shell is a remote code execution vulnerability in ...
HHS

Exploit Attempts Surge for React2Shell

Hacker interest is high in a days-old vulnerability in widely used web application framework React, with dozens of organizations already falling victim to it, cybersecurity experts warn. See Also: Top ...
CSOonline

Cloudflare firewall reacts badly to React exploit mitigation

Cloudflare’s network suffered a brief but widespread outage Friday, after an update to its Web Application Firewall to mitigate a vulnerability in React Server Components went wrong. At 9:09 a.m. UTC, ...