Category: DarkNet

Microsoft has released out-of-band (OOB) security updates to patch a critical-severity Windows Server Update Service (WSUS) vulnerability with publicly available proof-of-concept exploit code. WSUS is a Microsoft product that enables IT administrators to manage and deliver Windows updates to computers within their network. Tracked as CVE-2025-59287 and patched during this month’s Patch Tuesday, this remote code

Toys “R” Us Canada has sent notices of a data breach to customers informing them of a security incident where threat actors leaked customer records they had previously stolen from its systems. The company discovered the data leak on July 30, 2025, when a threat actor posted on the dark web what they claimed to

Microsoft says that the File Explorer (formerly Windows Explorer) now automatically blocks previews for files downloaded from the Internet to block credential theft attacks via malicious documents. The change is already live for users who have installed this month’s Patch Tuesday security updates on Windows 11 and Windows Server systems. As Redmond explains in a

The Cybersecurity & Infrastructure Security Agency (CISA) is warning that hackers are exploiting a critical vulnerability in the Motex Landscope Endpoint Manager. The flaw is tracked as CVE-2025-61932 and has a critical severity score of 9.3. It stems from improper verification of the origin of incoming requests, and could be exploited by an unauthenticated attacker to

A high-severity vulnerability in the now-abandoned async-tar Rust library and its forks can be exploited to gain remote code execution on systems running unpatched software. Tracked as CVE-2025-62518, this logic flaw results from a desynchronization issue that allows unauthenticated attackers to inject additional archive entries during TAR file extraction. This occurs specifically when processing nested

Hackers are actively exploiting the critical SessionReaper vulnerability (CVE-2025-54236) in Adobe Commerce (formerly Magento) platforms, with hundreds of attempts recorded. The activity was spotted by e-commerce security firm Sansec, whose researchers previously described SessionReaper as one of the most severe security bugs in the history of the product. Adobe warned about CVE-2025-54236 on September 8

Security researchers collected $792,750 in cash after exploiting 56 unique zero-day vulnerabilities during the second day of the Pwn2Own Ireland 2025 hacking competition. Today’s highlight was Ken Gannon of Mobile Hacking Lab and Dimitrios Valsamaras of Summoning Team hacking the Samsung Galaxy S25 with a chain of five security flaws, earning $50,000 and 5 Master of Pwn points. Also, while PHP Hooligans needed only a single

State-sponsored Iranian hacker group MuddyWater has targeted more than 100 government entities in attacks that deployed version 4 of the Phoenix backdoor. The threat actor is also known as Static Kitten, Mercury, and Seedworm, and it typically targets government and private organizations in the Middle East region. Starting August 19, the hackers launched a phishing campaign from

Security researchers are warning that Vidar Stealer infections are likely to increase after the malware developer released a new major version with upgraded capabilities. According to an announcement from the developer this month, Vidar 2.0 has been rewritten in C, supports multi-threading data stealing, bypasses Chrome’s app-bound encryption, and features more advanced evasion mechanisms. Infostealer

The DNS0.EU non-profit public DNS service focused on European users announced its immediate shut down due to time and resource constraints. Based in France, the service was built as a resilient infrastructure across several hosting providers in every member state of the European Union. The team behind DNS0.EU replaced all content on the website with a