Remember the WinRAR path handling exploit we reported on back in August? According to Google, that same flaw, officially dubbed CVE-2025-8088, is still being actively exploited, even though versions ...

This repository provides a daily, automatically updated JSON dataset detailing which exploits within the Metasploit Framework are associated with specific Common Vulnerabilities and Exposures (CVE) ...

Fresh attacks targeted three VMware ESXi vulnerabilities that were disclosed in March 2025 as zero-days. A Chinese threat actor built an exploit for three VMware ESXi vulnerabilities that were patched ...

Hacker interest is high in a days-old vulnerability in widely used web application framework React, with dozens of organizations already falling victim to it, cybersecurity experts warn. See Also: ...

Add Decrypt as your preferred source to see more of our stories on Google. Anthropic tested ten AI models on 405 historical smart contract exploits and reproduced 207 of them. Three models generated ...

Commercial AI models were able to autonomously generate real-world smart contract exploits worth millions; the costs of such attacks are falling rapidly. Recent research by major artificial ...

Crypto platforms lost $127 million to hacks and scams in November, with total attempted exploits exceeding $172 million, according to CertiK. An $113 million Balancer exploit dominated monthly losses, ...

Researchers disclosed a HashJack attack that manipulates AI browsers. Cato CTRL examined Comet, Copilot for Edge, and Gemini for Chrome. Could lead to data theft, phishing, and malware downloads.

Earlier this year, a developer was shocked by a message that appeared on his personal phone: “Apple detected a targeted mercenary spyware attack against your iPhone.” “I was panicking,” Jay Gibson, ...

Threat actors with ties to China have been attributed to a novel campaign that compromised an ArcGIS system and turned it into a backdoor for more than a year. The activity, per ReliaQuest, is the ...

A security researcher has released a partial proof of concept exploit for a vulnerability in the FortiWeb web application firewall that allows a remote attacker to bypass authentication. The flaw was ...