Security Boulevard

Best of 2025: LDAPNightmare: SafeBreach Labs Publishes First Proof-of-Concept Exploit for CVE-2024-49112

SafeBreach researchers developed a zero-click PoC exploit that crashes unpatched Windows Servers using the Windows ...
CSO Online

HPE OneView vulnerable to remote code execution attack

An unauthenticated user can execute the attack, and there’s no mitigation, just a hotfix that should be applied immediately.
Security Boulevard

Real Attacks of the Week: How Spyware Beaconing and Exploit Probing Are Shaping Modern Intrusions

Over the past week, enterprise security teams observed a combination of covert malware communication attempts and aggressive probing of publicly exposed infrastructure. These incidents, detected ...
Polygon

Dark Souls PvP servers taken offline to fix dangerous exploit

FromSoftware and Bandai Namco are temporarily closing down player-versus-player multiplayer access to the Dark Souls games on Windows PC after a dangerous remote code execution (RCE) exploit became ...

Google links more Chinese hacking groups to React2Shell attacks

Over the weekend, ​Google's threat intelligence team linked five more Chinese hacking groups to attacks exploiting the ...
CSO Online

Gladinet servers file-sharing servers allow remote code execution

Static AES keys are enabling attackers to decrypt access tokens and reach remote code execution, triggering urgent patch ...
Ars Technica

Vulnerability with 9.8 severity in Control Web Panel is under active exploit

Malicious hackers have begun exploiting a critical vulnerability in unpatched versions of the Control Web Panel, a widely used interface for web hosting. “This is an unauthenticated RCE,” members of ...
Bleeping Computer

Public Windows PrintNightmare 0-day exploit allows domain takeover

Update: Microsoft acknowledged PrintNightmare as a zero-day that has been affecting all Windows versions since before June 2021 security updates. Technical details and a proof-of-concept (PoC) exploit ...
Ars Technica

CD-indexing cue files are the core of a serious Linux remote code exploit

It has been a very long time since the average computer user thought about .cue files, or cue sheets, the metadata bits that describe the tracks of an optical disc, like a CD or DVD. But cue sheets ...
Polygon

Dark Souls maker fixing dangerous PC exploit, looking at impact on Elden Ring

Dark Souls series developer FromSoftware and publisher Bandai Namco offered fans an update on Wednesday on the dangerous exploit found in the Windows PC version of the games, which led to the ...
Gizmodo

Users Exploit a Twitter Remote Work Bot to Claim Responsibility for the Challenger Shuttle Disaster

Using an exploit in the AI language model, users have used a Twitter AI to post ASCII art and make ‘credible threats’ against the president. Reading time 3 minutes Have you ever wanted to gaslight an ...
PC World

Hacker publishes alleged zero-day exploit for older Plesk versions

A hacker released what he claims is a zero-day exploit for older versions of the Parallels Plesk Panel, a popular Web hosting administration software package, that could allow attackers to inject ...