A critical vulnerability has been discovered in XSpeeder devices that could allow unauthenticated remote execution of arbitrary code.
The post The AI-Found Zero-Day: Critical CVE-2025-54322 Leaves 70,000 XSpeeder Devices Exposed appeared first on Penetration Testing Tools.
A new wave of malicious extensions has been uncovered in the Open VSX extension marketplace, which is used
The post GlassWorm’s macOS Gambit: The Invisible Worm Draining Developer Wallets via Open VSX appeared first on Penetration Testing Tools.
Robin is an AI-powered tool for conducting dark web OSINT investigations. It leverages LLMs to refine queries, filter
The post Robin: The AI-Powered “Sidekick” for Dark Web OSINT Investigations appeared first on Penetration Testing Tools.
KittyLoader is a highly evasive loader written in C / Assembly. Features Hijacks early execution by replacing the
The post The Ghost in the Kernel: Inside KittyLoader’s Elite Anti-Analysis Arsenal appeared first on Penetration Testing Tools.
A serious incident caused by ransomware has struck Romania’s largest coal-fired power producer, Oltenia Energy Complex. The attack,
The post The Gentlemen’s Heist: Ransomware Cripples Romania’s Largest Coal Power Giant appeared first on Penetration Testing Tools.
At the recent Chaos Communication Congress in Germany, a new warning was issued about the risks associated with
The post AgentHopper Alert: How a Single Web Sentence Can Hijack Your AI Assistant appeared first on Penetration Testing Tools.
Cyber-espionage attributed to the Chinese group HoneyMyte—also known as Mustang Panda and Bronze President—has reached a new level.
The post The Kernel Ghost: Mustang Panda’s New Rootkit Blinds Antivirus to Deploy ToneShell appeared first on Penetration Testing Tools.
Coinbase has reported the first arrests in its investigation into the sale of customer data: police in Hyderabad,
The post The Mole in the Machine: New Arrests in Coinbase’s $400M Insider Data Scandal appeared first on Penetration Testing Tools.
A dangerous vulnerability has been discovered in the Trust Wallet browser extension, potentially allowing attackers to steal users’
The post How a Hidden Backdoor Drained $7M from Trust Wallet appeared first on Penetration Testing Tools.
South Korea’s Ministry of Science and ICT has stated that Korea Telecom (KT) may have exposed its subscribers
The post The Femtocell Fallout: How a Single “Master Key” Exposed Millions of KT Users appeared first on Penetration Testing Tools.
A foreign hacker who stole cryptocurrency worth more than 1.7 billion won (approximately $1.18 million) using malware that
The post The Extradition of a Memory Thief: How a Fake Windows Tool Stole $1.2M in Crypto appeared first on Penetration Testing Tools.
U.S. and Australian cybersecurity authorities have confirmed that hackers are already exploiting a newly disclosed vulnerability in MongoDB-based
The post MongoBleed Emergency: 87,000 Databases Leaking Secrets as Hackers Bypass Login appeared first on Penetration Testing Tools.
Vulnerabilities discovered in wireless headphones powered by Airoha chips have opened the door to remote compromise of the
The post The Audio Backdoor: How Your Premium Headphones Could Hack Your Phone appeared first on Penetration Testing Tools.
Windows 11 continues to accrete web components virtually everywhere—from Discord and Teams to WhatsApp, Windows Search, the Start
The post Web-Enshittification: Why the Creator of JavaScript Says Windows 11 is Broken appeared first on Penetration Testing Tools.
A hacker using the alias Lovely has published a database containing the personal information of WIRED subscribers on
The post Hacker “Lovely” Leaks 2.3M WIRED Subscriber Records appeared first on Penetration Testing Tools.
BlueTriage has appeared on GitHub—a lightweight tool designed for rapid analysis of Windows logs. It ingests security events
The post Skip the SIEM: BlueTriage Delivers Instant Incident Reports from Raw Logs appeared first on Penetration Testing Tools.
In 2025, cybercrime has increasingly moved beyond the realm of “just money.” Behind today’s attacks lie not only
The post Beyond the Balance Sheet: The Tragic Rise of Cyber-Physical Violence in 2025 appeared first on Penetration Testing Tools.
A critical vulnerability has been discovered in the LangChain ecosystem that allows attackers to steal sensitive data and
The post The LangGrinch Stole Your Keys: Critical LangChain Flaw Enables Data Theft appeared first on Penetration Testing Tools.
At OpenAI, discussions have once again resurfaced around the potential introduction of advertising in ChatGPT—this time in the
The post The End of Ad-Free AI? OpenAI’s Plan to Put “Sponsored Answers” in ChatGPT appeared first on Penetration Testing Tools.
A critical vulnerability has been discovered in MongoDB that allows a remote attacker to access uninitialized server memory
The post MongoBleed Alert: Critical Flaw Leaking Your Database Secrets appeared first on Penetration Testing Tools.
