Weekly roundup exploring how cyber threats, AI misuse, and digital deception are reshaping global security trends.

Notifications You must be signed in to change notification settings This repository contains a list of freely available resources that can be used as a pre-requisite before enrolling in Offensive ...

Windows doesn’t offer a single switch to disable Exploit Protection completely. You can only disable individual mitigations system-wide or per app. We strongly recommend turning it off only for ...

Pixnapping could be used to steal private data, including 2FA codes. Side-channel attack abuses Google Android APIs to steal data on display. Flaw is partially patched, although a more complete fix is ...

Oracle has silently fixed an Oracle E-Business Suite vulnerability (CVE-2025-61884) that was actively exploited to breach servers, with a proof-of-concept exploit publicly leaked by the ShinyHunters ...

Pwn2Own hackers use $150,000 exploit on VMware ESXi. The elite hackers attending Pwn2Own in Berlin have made hacking history by successfully deploying a zero-day exploit against VMware ESXi. Having ...

Operation Zero, a company that acquires and sells zero-days exclusively to the Russian government and local Russian companies, announced on Thursday that it’s looking for exploits for the popular ...

You don’t need to open up your Xbox 360 console for this mod, but you will need some time and patience. You don’t need to open up your Xbox 360 console for this mod, but you will need some time and ...

A new iPhone update patches a flaw that could allow an attacker to turn off a nearly seven-year-old USB security feature. Apple’s release notes for iOS 18.3.1 and iPadOS 18.3.1 say the bug, which ...

This paper presents a new technique for exploiting heap overflows in JavaScript interpreters. Briefly, given a heap overflow, JavaScript commands can be used to insure that a function pointer is ...