The Hacker News

Grandstream GXP1600 VoIP Phones Exposed to Unauthenticated Remote Code Execution

Critical CVE-2026-2329 flaw in Grandstream GXP1600 VoIP phones enables unauthenticated RCE, call interception, and credential ...
TMCnet

Bitsight Launches Industry's First Dark Web Intelligence for Supply Chains, Empowering Organizations to Predict and Prevent Third-Party Exploits

New capability gives security teams early warning of cyber threats across their extended attack surface and supply chain, using real-time threat intelligence mapped to an organization's unique ...
Searchenginejournal.com

WooCommerce WordPress Plugin Exploit Enables Fraudulent Charges

The WooCommerce Square plugin enables WordPress sites to accept payments through the Square POS, as well as synchronize product inventory data between Square and WooCommerce. Square plugin enables a ...
World Socialist Web Site

New Zealand government exploits Auckland fire to slander striking firefighters

New Zealand’s National Party-led government has seized on a fire that broke out in Auckland during a brief firefighters’ strike on January 9 to escalate a vicious propaganda campaign against the ...
CoinTelegraph

Trust Wallet will cover $7M lost in Christmas Day hack, CZ says

The malicious Trust Wallet extension has also been exporting users’ personal information, pointing to potential insider activity, according to cybersecurity company SlowMist. Trust Wallet users lost ...
archive

Writing a Simple Buffer Overflow Exploit (OGG Audio)

remove-circle Internet Archive's in-browser audio with external links "theater" requires JavaScript to be enabled. It appears your browser does not have it turned on ...
Ars Technica

Fraudulent gambling network may actually be something more nefarious

A sprawling infrastructure that has been bilking unsuspecting people through fraudulent gambling websites for 14 years is likely a dual operation run by a nation-state-sponsored group that is ...
CoinDesk

Balancer DAO Starts Discussing $8M Recovery Plan After $110M Exploit Cut TVL by Two-Thirds

Weeks after suffering a major exploit that drained over $110 million from its Balancer v2 vaults, Balancer DAO has begun discussing a plan to distribute roughly $8 million in recovered assets to ...
Internet of People

AI-driven phishing scams and hidden crypto exploits shake Web3 security

SBI Crypto was breached, losing $21 million in assets via a suspected laundering operation. A phishing scam targeting GMGN tricked 107 users into approving fake transactions. Honeypot token scams rose ...
IEEE

A New Technique for Counteracting Web Browser Exploits

Abstract: Over the last few years, exploit kits have been increasingly used for system compromise and malware propagation. As they target the web browser which is one of the most commonly used ...
ExtremeTech

Microsoft Rolls Out Emergency Windows Server Update Following WSUS Exploits

Microsoft has released an emergency out-of-band security update for Windows Server to address a probable remote code execution vulnerability tracked as CVE-2025-59287. The issue affects the Windows ...