Researchers at StrikeReady uncovered a targeted campaign exploiting a zero-day in the Zimbra Collaboration Suite (ZCS) — a
The post Zimbra Zero-Day (CVE-2025-27915) Actively Exploited to Steal Credentials via Malicious Calendar Invites appeared first on Penetration Testing Tools.
Oracle has warned of a zero-day vulnerability in E-Business Suite, designated CVE-2025-61882, that permits unauthenticated remote arbitrary code
The post Oracle EBS Zero-Day CVE-2025-61882 (CVSS 9.8) Being Actively Exploited by Clop Ransomware appeared first on Penetration Testing Tools.
The LayerX team has disclosed the mechanics of a novel attack dubbed CometJacking, which exploits the AI-enabled Comet
The post CometJacking Attack Hijacks Perplexity’s AI Browser to Steal Gmail and Calendar Data with One Click appeared first on Penetration Testing Tools.
The hacker group Confucius, active in South Asia since at least 2013, has intensified malicious operations against Pakistani
The post Confucius APT Targets Pakistan with WooperStealer and New Python-Based Anondoor Backdoor appeared first on Penetration Testing Tools.
Researcher RyotaK of GMA Flatt Security discovered a serious vulnerability in the Unity game engine—tracked as CVE-2025-59489—which allows
The post Critical Unity Flaw CVE-2025-59489 Exposes Games Built Since 2017 to Local Code Execution appeared first on Penetration Testing Tools.
In a complex attack chain that blends malicious advertising, DNS-based control, and multi-stage delivery schemes, researchers at Infoblox
The post Detour Dog: Stealthy DNS Malware Campaign Hijacks 30,000+ Websites to Deliver Strela Stealer appeared first on Penetration Testing Tools.
AI-Powered CAPTCHA Solver This project is a Python-based command-line tool that uses large multimodal models (LMMs) like OpenAI’s
The post AI CAPTCHA Solver: New Tool Uses GPT-4o and Gemini to Beat Various Web Security Challenges appeared first on Penetration Testing Tools.
Opera has unveiled a new experimental browser, Neon, described as an “agent browser” — one where the management
The post Opera Unveils Neon: A $19.90/Month Agent Browser That Delegates Web Tasks to AI appeared first on Penetration Testing Tools.
The Raspberry Pi Foundation has released a new version of its operating system — Raspberry Pi OS Trixie,
The post Raspberry Pi OS Trixie Released: Solves the Year 2038 Problem and Unveils New Control Centre appeared first on Penetration Testing Tools.
Earlier this week, we reported on a cyberattack targeting the Japanese brewing giant Asahi, which brought nearly all
The post Asahi Super Dry Supply Crisis Looms in Japan After Cyberattack Halts Production appeared first on Penetration Testing Tools.
Linux creator Linus Torvalds has once again publicly criticized developers—this time drawing attention to text and code formatting
The post “Utterly Insane”: Linus Torvalds Slams Rust’s rustfmt for Making Kernel Code “Less Maintainable” appeared first on Penetration Testing Tools.
Since the beginning of 2025, NETSCOUT experts have been observing an active wave of DDoS attacks attributed to
The post Keymous+ DDoS Attacks Surge 4X in Power, Coordinated Strikes Target Global Organizations at Start of Business Day appeared first on Penetration Testing Tools.
The group Lunar Spider—also known under the aliases Gold SwathMore and Elara—has ramped up a new malicious campaign
The post Lunar Spider Campaign: FakeCAPTCHA Used to Exploit CORS Flaws and Deliver Latrodectus Loader appeared first on Penetration Testing Tools.
A hacker collective known as UAT-8099 is presently conducting an active campaign to promote malicious content in search
The post Cisco Talos Exposes UAT-8099: Chinese Group Uses BadIIS Malware on Compromised Servers for SEO Fraud and Credential Theft appeared first on Penetration Testing Tools.
The vulnerability rewards platform HackerOne has announced that over the past twelve months, white-hat hackers around the world
The post HackerOne Payouts Hit $81 Million: AI Vulnerability Reports Soar by Over 200% appeared first on Penetration Testing Tools.
In September 2025, Microsoft began gradually discontinuing support for embedded SVG images in Outlook for the web and
The post Microsoft Discontinues Embedded SVG Support in Outlook for Enhanced Security appeared first on Penetration Testing Tools.
Windows 11 has received another major update — version 25H2, officially known as Windows 11 2025 Update. This
The post Windows 11 2025 Update (25H2) Focuses on Security and Legacy Component Removal appeared first on Penetration Testing Tools.
Amid the ongoing duel between Linux kernel developers and authors of malicious modules, each kernel release reshuffles the
The post FlipSwitch Rootkit Bypasses Linux Kernel 6.9 Defenses with Surgical Bytecode Hooking appeared first on Penetration Testing Tools.
The final release of OpenSSL 3.6 has been officially published — the culmination of the collective efforts of
The post OpenSSL 3.6 Released: Major Cryptography Update Adds LMS Signatures and NIST PKEY Support appeared first on Penetration Testing Tools.
On September 29, the Intermediate People’s Court of Wenzhou delivered a verdict in the high-profile case of the
The post China Sentences 11 Members of Myanmar’s Min Clan Crime Syndicate to Death appeared first on Penetration Testing Tools.
