Dark Reading

Attackers Use New Tool to Scan for React2Shell Exposure

Researchers say threat actors used the sophisticated — and unfortunately named — toolkit to target high-value networks for ...
CSO Online

Software developers: Prime cyber targets and a rising risk vector for CISOs

From technical compromise to AI-driven attacks, cyber criminals increasingly see software developers as prime targets, creating systemic risks CISOs must address.
Kotaku

Steam Game Devs Call Exploit Allegations ‘Clickbait Exaggeration’ And ‘Malicious Defamation’

The developers behind a popular “open source MMO RTS sandbox game for programming enthusiasts” on Steam, named Screeps: World, have been forced to update their game “in order to protect both players” ...
Bleeping Computer

Hackers exploit critical telnetd auth bypass flaw to get root

A coordinated campaign has been observed targeting a recently disclosed critical-severity vulnerability that has been present in the GNU InetUtils telnetd server for 11 years. The security issue is ...
CoinTelegraph

SwapNet exploit drains up to $13.3M from Matcha Meta users

Matcha Meta urged users to revoke one-time approvals for SwapNet’s router contract after a smart-contract vulnerability saw around $13.3 million stolen on the Base blockchain. Update, Jan. 27, 9:15 am ...
Bleeping Computer

WinRAR path traversal flaw still exploited by numerous hackers

Multiple threat actors, both state-sponsored and financially motivated, are exploiting the CVE-2025-8088 high-severity vulnerability in WinRAR for initial access and to deliver various malicious ...