One of the largest supply-chain attacks ever recorded in the npm ecosystem has been uncovered, marking a historic
The post 150,000 Package Flood: Amazon Uncovers Massive Token-Farming Attack on npm Registry appeared first on Penetration Testing Tools.
ASUS has released new firmware addressing a critical authentication-bypass vulnerability affecting several DSL-series home routers. Catalogued as CVE-2025-59367,
The post Critical Flaw in ASUS DSL Routers Allows Authentication Bypass Without Credentials appeared first on Penetration Testing Tools.
The Kubernetes community has resolved to retire one of the ecosystem’s most prominent projects — Ingress NGINX. Development
The post Ingress NGINX is Retiring: Kubernetes Sunsets Controller Due to Technical Debt & Security Flaws appeared first on Penetration Testing Tools.
The UK Competition Appeal Tribunal has examined one of Microsoft’s most unusual arguments in recent years and declined
The post UK Court Rejects Microsoft’s Claim That Licence Resale is a Copyright Breach appeared first on Penetration Testing Tools.
Microsoft’s Head of Windows, Pavan Davuluri, found himself under fire several days ago after outlining plans to transform
The post Microsoft Responds to ‘Agentic OS’ Backlash: Windows Head Acknowledges Long-Standing Flaws appeared first on Penetration Testing Tools.
WiFi 7, the latest generation of wireless networking, promises breathtaking speeds and far greater stability — yet it
The post WiFi 7 Warning: Multi-Link Operation (MLO) Creates New Security Risks appeared first on Penetration Testing Tools.
The automaker Jaguar Land Rover has released its financial results for the period from July to September, confirming
The post JLR Cyberattack Cost Revealed: £196 Million Loss & £485 Million Quarterly Deficit appeared first on Penetration Testing Tools.
The recent surge in activity surrounding an XWiki vulnerability underscores how swiftly weaknesses in widely used platforms can
The post CVE-2025-24893: XWiki Zero-Day Exploited by RondoDox Botnet and Cryptominers appeared first on Penetration Testing Tools.
The United States has announced a new series of guilty pleas in a case involving schemes that enabled
The post DOJ Secures Guilty Pleas in North Korea’s Remote IT Worker & Laptop Farm Schemes appeared first on Penetration Testing Tools.
In several countries, recent months have brought a new wave of covert surveillance operations targeting defense institutions and
The post APT42 Escalation: ‘SpearSpecter’ Targets Officials and Relatives with Custom Malware appeared first on Penetration Testing Tools.
Logitech has informed the U.S. Securities and Exchange Commission (SEC) that it experienced unauthorized data exfiltration as a
The post Logitech Discloses Data Exfiltration via Third-Party Zero-Day Vulnerability appeared first on Penetration Testing Tools.
Akira’s sustained activity continues to alarm investigators in the United States and Europe, who released an updated set
The post Akira Ransomware Hits $244M: FBI Warns of New VPN Exploitation Tactics appeared first on Penetration Testing Tools.
A nearly forgotten utility command has unexpectedly returned to the spotlight after being discovered in new infection chains
The post Relic Weaponized: Obscure ‘finger’ Command Used to Download Malware on Windows appeared first on Penetration Testing Tools.
JonMon-Lite is a research proof-of-concept “Remote Agentless EDR” that creates an ETW Trace Session through a Data Collector
The post JonMon-Lite: The Remote Agentless EDR Proof-of-Concept for ETW Trace Monitoring appeared first on Penetration Testing Tools.
Ahead of the major pre-holiday sales, a new cause for concern has emerged: popular children’s toys equipped with
The post Dangerously Unsafe: AI Toys Like Kumma and Miko 3 Give Children Harmful Instructions appeared first on Penetration Testing Tools.
Ensuring that older software continues to function on newer versions of Windows has been a challenge shadowing Microsoft
The post Handcrafted Fixes & Secret Patches: The Wild History of Windows 95 Compatibility appeared first on Penetration Testing Tools.
The payment service Checkout.com has faced an extortion attempt: the ShinyHunters group claimed to have obtained data linked
The post ShinyHunters Extortion: Checkout.com Hacked via Neglected Legacy Cloud Storage appeared first on Penetration Testing Tools.
A Chinese cyber-espionage group designated by Anthropic as GTG-1002 exploited the capabilities of the Claude Code model in
The post First AI-Orchestrated Cyber-Espionage: Claude Code Executed 80%+ of China-Linked Intrusion appeared first on Penetration Testing Tools.
Microsoft has finally closed the loophole that long sustained one of the most widespread illicit methods of activating
The post KMS38 Loophole Closed: Microsoft Finally Kills Offline Windows Activation Method appeared first on Penetration Testing Tools.
Red Hat compiler engineer Marek Polacek has proposed making the C++20 standard — more precisely, the GNU++20 dialect
The post C++20 Default: Red Hat Proposes Making the Latest Standard the Default in GCC appeared first on Penetration Testing Tools.
