WinBuzzer

How ‘Reprompt’ Turned Microsoft Copilot Into an Invisible Spy with One Click

Microsoft has patched a vulnerabilitz in Copilot Personal that allowed hackers to steal sensitive user data through a single ...

A single click mounted a covert, multistage attack against Copilot

Microsoft has fixed a vulnerability in its Copilot AI assistant that allowed hackers to pluck a host of sensitive user data ...

ChatGPT falls to new data-pilfering attack as a vicious cycle in AI continues

There’s a well-worn pattern in the development of AI chatbots. Researchers discover a vulnerability and exploit it to do ...
Bleeping Computer

RondoDox botnet exploits React2Shell flaw to breach Next.js servers

The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js servers with malware and cryptominers. First documented by Fortinet in July ...
The New York Times

How Russia’s War Machine Brutalizes and Exploits Its Own Soldiers

In hundreds of official complaints, inadvertently posted online by the Russian government, soldiers and their loved ones describe a lawless and violent military apparatus that abuses its own troops to ...
GitHub

ESP8266/ESP32 UMTX2 Jailbreak Host for PlayStation 5 (FW 1.00–5.50)

Lightweight web server for ESP8266/ESP32 boards that hosts the PlayStation 5 UMTX2 Jailbreak for firmware versions 1.00–5.50, with minor modifications to enable caching, data compression and access to ...
CSOonline

Webrat turns GitHub PoCs into a malware trap

Security professionals hunting PoCs and exploit code on GitHub might soon walk into a trap, as attackers redirect a known RAT toward them. Researchers have uncovered a stealthy campaign in which the ...
Bleeping Computer

WebRAT malware spread via fake vulnerability exploits on GitHub

The WebRAT malware is now being distributed through GitHub repositories that claim to host proof-of-concept exploits for recently disclosed vulnerabilities. Previously spread through pirated software ...