New Mirai campaign exploits RCE flaw in EoL D-Link routers

A new Mirai-based malware campaign is actively exploiting CVE-2025-29635, a high-severity command-injection vulnerability ...
CoinDesk

The Protocol: Kelp DAO exploited for $292 million

Crypto bridge hacks like the $292 million Kelp DAO exploit keep happening because bridges rely on trusted intermediaries and ...

Over 1,300 Microsoft SharePoint servers vulnerable to spoofing attacks

Over 1,300 Microsoft SharePoint servers exposed online remain unpatched against a spoofing vulnerability that was exploited ...
GitHub

ESP8266/ESP32 UMTX2 Jailbreak Host for PlayStation 5 (FW 1.00–5.50)

Lightweight web server for ESP8266/ESP32 boards that hosts the PlayStation 5 UMTX2 Jailbreak for firmware versions 1.00–5.50, with minor modifications to enable caching, data compression and access to ...
The Hacker News

Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers

Threat actors are increasingly using HTTP cookies as a control channel for PHP-based web shells on Linux servers and to achieve remote code execution, according to findings from the Microsoft Defender ...
GitHub

Agent Skills

Built-in CVE (MSF), SQL Injection, Credential Testing, Social Engineering Simulation, Availability Testing Ship with RedAmon. The agent has built-in knowledge of these workflows — no .md file is ...
The Hacker News

Apple Sends Lock Screen Alerts to Outdated iPhones Over Active Web-Based Exploits

Apple is now sending Lock Screen notifications to iPhones and iPads running older versions of iOS and iPadOS to alert users of web-based attacks and urge them to install the update. The development ...