Iran-linked Cavern Manticore hackers used a modular C&C framework, likely built with AI assistance, to target Israeli ...
Fake CVE exploit repos pull frint and skytext packages to steal researcher credentials, with servers still live as of July 1.
Attackers are now exploiting a maximum-severity Adobe ColdFusion vulnerability tracked as CVE-2026-48282, according to ...
A recent report from cloud security firm Sysdig details the capabilities of JadePuffer, which it says is the first ransomware ...
Infosecurity spoke with the researcher who dumped over 30 proof-of-concept exploits without disclosing the vulnerabilities ...
ConsentFix and ClickFix attacks steal Microsoft 365 tokens in seconds using fake prompts and OAuth flows. Learn how these MFA ...
The campaign spans npm, Packagist, Go, and Chrome, using obfuscated JavaScript loaders and VS Code tasks to deliver malware.
Explore the latest news and expert commentary on Application Security, brought to you by the editors of Dark Reading ...
The following include a list of pentest tools available across the web. Many are free and even open source, others are premium tools and require a monthly or yearly subscription. We’ll note when ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results