The Hacker News

The Gentlemen RaaS Uses GentleKiller EDR Framework Targeting 400 Security Processes

ESET says Gentlemen RaaS gives affiliates a GentleKiller EDR-killer suite targeting 400 processes across 48 security tools.
Semiconductor Engineering

Breaking The “Unhackable” Xbox One

For more than a decade, the Xbox One stood out as one of the most resilient consumer devices ever built. While other consoles from the same era were eventually jailbroken or modified, the Xbox One ...
techtimes

Fake Claude Code Installers on 32 Live Sites Steal Developer API Keys via Google Ads

If you have searched for how to install Claude Code, Cline, JetBrains, or any other popular AI development tool since March 2026, you may have landed on one of the most technically sophisticated ...
Latest Hacking News

What Is a Buffer Overflow? The Bug That Keeps Driving Critical CVEs

A buffer overflow happens when a program writes more data into a memory buffer than the buffer can hold. The extra bytes land in adjacent memory, corrupting whatever was there. If an attacker controls ...
Hosted on MSN

Russia-linked APT28 attackers already abusing new Microsoft Office zero-day

Russia-linked attackers are already exploiting Microsoft's latest Office zero-day, with Ukraine's national cyber defense team warning that the same bug is being used to target government agencies ...
IEEE

Your Exploit is Mine: Automatic Shellcode Transplant for Remote Exploits

Abstract: Developing a remote exploit is not easy. It requires a comprehensive understanding of a vulnerability and delicate techniques to bypass defense mechanisms. As a result, attackers may prefer ...
techtimes

X.Org Server Fixes Nine Flaws: AI Found Eight in Fourth Batch This Year

Nine security vulnerabilities in X.Org Server and XWayland were disclosed and patched on June 2, 2026 — the fourth time this year that AI-assisted code analysis has surfaced new flaws in the aging ...
Bitdefender

Technical Advisory: FortiBleed Credential Exposure Campaign Targeting Internet-Facing Fortinet Devices

FortiBleed is an active credential-exposure campaign targeting internet-facing Fortinet FortiGate firewalls and FortiOS SSL VPN gateways (the remote-access endpoints that allow employees to connect to ...
The Hacker News

CloudFlare | Breaking Cybersecurity News | The Hacker News

Cybersecurity researchers have discovered a remote denial-of-service exploit that affects major web servers, including NGINX, Apache HTTPD, Microsoft IIS, Envoy, and Cloudflare Pingora. The ...
WeLiveSecurity

OceanLotus: From external espionage to domestic targeting

Our tracking of OceanLotus activities from 2024–2026 reveals a shift in operational focus. During this period, the Vietnam-aligned OceanLotus adopted a more selective approach to external operations ...
GitHub

Containing my notes, practice binaries + solutions, blog posts, etc. for the Offensive Security Exploit Developer (OSED/EXP-301)

Resources under the "recommended" section of each chapter are the ones I would personally recommend to study with - all the other resources are also great but should be seen as either "fundamentals ...
Microsoft

AI brands as bait: How threat actors are using the AI hype in social engineering

As threat actors operationalize AI to accelerate attacks, they are also leveraging the wider global interest around AI itself as a social engineering lure. In recent months, Microsoft Threat ...