New Hacking Campaign Exploits Microsoft Windows WinRAR Vulnerability
Researchers at Check Point link ‘Amarath-Dragon’ attacks to prolific Chinese cyber-espionage operation
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Researchers at Check Point link ‘Amarath-Dragon’ attacks to prolific Chinese cyber-espionage operation
Security researchers collected $792,750 in cash after exploiting 56 unique zero-day vulnerabilities during the second day of the Pwn2Own Ireland 2025 hacking competition. [...]
AI Tools Can Steal Crypto Autonomously, Even From Audited CodeArmed with just a smart contract address, researchers developed an autonomous artificial intelligence tool that can scan for vulnerabilities, write working exploits in the Solidity blockchain programming language and siphon funds. "It behaves more like a human hacker," said its co-creator.
But Hacking Groups of All Stripes Now Have Access to Exploit Code, Researchers WarnMicrosoft said an attack campaign targeting zero-day vulnerabilities in on-premises SharePoint servers appears to have begun by July 7, tied to three Chinese hack groups. With proof-of-concept exploit code now in the wild, security experts said hackers of all stripes have joined the fray.
Cybersecurity researchers have discovered a new hacking technique that exploits weaknesses in the eSIM technology used in modern smartphones, exposing users to severe risks
AI Models Mostly Fail in Full Track of Vulnerability Research to ExploitThe rise of code-illiterate but AI-enabled script kiddies able to wreak havoc by weaponizing software vulnerabilities into automated exploits, thanks to expert-level assistance from large language models, remains but a future possibility, based on exploit-writing tests of 50 LLMs.
In what's an instance of hacking the hackers, threat hunters have managed to infiltrate the online infrastructure associated with a ransomware group called BlackLock, uncovering crucial information about their modus operandi in the process. Resecurity said it identified a security vulnerability in the data leak site (DLS) operated by the e-crime group that made it possible to extract
ESET Discovers Two Major Vulnerabilities Exploited by Russian RomCom Hacking GroupTwo vulnerabilities in Mozilla products and Windows are actively exploited by RomCom, a Kremlin-linked cybercriminal group known for targeting businesses and conducting espionage, warn security researchers from Eset. Exploiting the two flaws together enables attackers to execute arbitrary code.
UNC5174 Exploited F5 BIG-IP and ScreenConnect VulnerabilitiesA likely Chinese hacker-for-hire used high-profile vulnerabilities in a campaign targeting a slew of Southeast Asian and U.S. governmental and research organizations, says threat intel firm Mandiant. Rapid exploitation of newly patched flaws has become a hallmark of Chinese threat actors.
Researchers are warning about a spike in exploitation attempts weaponizing a critical remote code execution flaw in Realtek Jungle SDK since the start of August 2022