exploit

158 articles

sort: new top best

bug-bounty432 google350 xss348 microsoft279 facebook245 apple171 exploit158 rce153 malware95 account-takeover94 cve87 csrf82 writeup78 bragging-post78 browser76 privilege-escalation66 react59 authentication-bypass57 cloudflare54 dos53 ssrf51 docker51 node49 aws47 access-control47 smart-contract45 phishing45 oauth45 ethereum43 defi42 supply-chain42 sql-injection41 web341 lfi37 idor34 smart-contract-vulnerability32 clickjacking31 web-application31 wordpress30 race-condition30 reverse-engineering30 info-disclosure29 vulnerability-disclosure29 cloud28 information-disclosure28 burp-suite28 solidity27 web-security27 cors26 responsible-disclosure26

14,000 routers are infected by malware that's highly resistant to takedowns

threat

dos exploit google malware microsoft

arstechnica.com · mikelgan · 1 day ago · details · hn

New PhantomRaven NPM attack wave steals dev data via 88 packages

threat

exploit google graphql malware microsoft node supply-chain websocket

bleepingcomputer.com · Bill Toulas · 2 days ago · details

From Patch Tuesday to Pentest Wednesday®: A University’s Journey to Measure Blast Radius

authentication

cloud exploit info-disclosure malware pentest phishing privilege-escalation

horizon3.ai · Stephen Gates · 2 days ago · details

Five Malicious Rust Crates and AI Bot Exploit CI/CD Pipelines to Steal Developer Secrets

exploit

thehackernews.com · [email protected] (The Hacker News) · 2 days ago · details

A Special AMD Ryzen AM5 Motherboard for Linux / Open-Source Enthusiasts

authentication

exploit facebook google privilege-escalation

phoronix.com · RachelF · 2 days ago · details · hn

PageJack in Action: CVE-2022-0995 exploit

vulnerability

buffer-overflow cve exploit

CVE-2022-0995

blog.quarkslab.com · Jean Vincent · 2 days ago · details

America's never had such high national debt heading into an economic shock

exploit

exploit microsoft react

fortune.com · ndsipa_pomu · 2 days ago · details · hn

It's time to speak out against unchecked growth of satellite mega constellations

exploit

exploit google

scientificamerican.com · randycupertino · 2 days ago · details · hn

The March 2026 Security Update Review

vulnerability

cve dos exploit facebook google info-disclosure microsoft privilege-escalation rce xss

CVE-2026-21262 CVE-2026-23651 CVE-2026-23668 CVE-2026-23669 CVE-2026-26110 CVE-2026-26113 CVE-2026-26127 CVE-2026-26144

thezdi.com · Dustin Childs · 3 days ago · details

AI Agent hacked McKinsey's chatbot and gained full read-write access in 2 hours

vulnerability

apple bug-bounty docker dos exploit google malware microsoft phishing sqli

theregister.com · smurda · 3 days ago · details · hn

Investigating multi-vector attacks in Log Explorer

vulnerability

browser cache-poisoning cloud cloudflare dos exploit google info-disclosure malware microsoft phishing sqli

blog.cloudflare.com · Jen Sells · 3 days ago · details

The Zero-Day Scramble is Avoidable: A Guide to Attack Surface Reduction

exploit

thehackernews.com · [email protected] (The Hacker News) · 3 days ago · details

On Thinking Machines

exploit

exploit wordpress

sicpers.info · ingve · 3 days ago · details · hn

Levels of Agentic Engineering

bug-bounty

browser exploit google microsoft writeup

bassimeledath.com · bombastic311 · 3 days ago · details · hn

Claude Code, Claude Cowork and Codex #5

threat

exploit facebook google malware microsoft supply-chain wordpress

thezvi.wordpress.com · swolpers · 3 days ago · details · hn

Unauthenticated Chat Takeover in AI Chatbot – un1tycyb3r

exploit

exploit websocket

un1tycyb3r.com · bugbountydaily · 3 days ago · details

DARPA’s new X-76

exploit

exploit microsoft

darpa.mil · newer_vienna · 4 days ago · details · hn

Fixing request smuggling vulnerabilities in Pingora OSS deployments

vulnerability

bug-bounty cache-poisoning cloudflare cve exploit node request-smuggling

CVE-2026-2833 CVE-2026-2835 CVE-2026-2836

blog.cloudflare.com · Edward Wang · 4 days ago · details

⚡ Weekly Recap: Qualcomm 0-Day, iOS Exploit Chains, AirSnitch Attack & Vibe-Coded Malware

threat

apple exploit malware

thehackernews.com · [email protected] (The Hacker News) · 4 days ago · details

If It Quacks Like a Package Manager

vulnerability

aws exploit facebook kubernetes node rce supply-chain

nesbitt.io · jandeboevrie · 5 days ago · details · hn

Exploits and vulnerabilities in Q4 2025

vulnerability

buffer-overflow cve exploit lfi malware microsoft phishing privilege-escalation rce react

CVE-2017-0199 CVE-2017-11882 CVE-2018-0802 CVE-2019-13272 CVE-2021-22555 CVE-2022-0847 CVE-2023-32233 CVE-2023-38831 CVE-2025-11001 CVE-2025-24990 CVE-2025-49844 CVE-2025-54100 CVE-2025-55182 CVE-2025-59287 CVE-2025-6218 CVE-2025-8088

securelist.com · Alexander Kolesnikov · 7 days ago · details

Getting a Shell on the Tapo C260 Camera (CVE-2026-0651, CVE-2026-0652, CVE-2026-0653)

vulnerability

cve exploit google lfi privilege-escalation rce reverse-engineering

CVE-2026-0651 CVE-2026-0652 CVE-2026-0653

spaceraccoon.dev · spaceraccoon · 7 days ago · details

The MCP AuthN/Z Nightmare

vulnerability

cloudflare cve exploit facebook oauth rce

CVE-2025-4143 CVE-2025-4144 CVE-2025-53100 CVE-2025-53818 CVE-2025-6514

blog.doyensec.com · doyensec · 8 days ago · details

Bypassing debug password protection on the RH850 family using fault injection

exploit

exploit reverse-engineering

blog.quarkslab.com · Philippe Azalbert · 8 days ago · details

Coruna iOS Exploit Kit Uses 23 Exploits Across Five Chains Targeting iOS 13–17.2.1

exploit

apple exploit google

thehackernews.com · [email protected] (The Hacker News) · 9 days ago · details

Protecting education: How MDR can tip the balance in favor of schools

threat

exploit malware phishing

welivesecurity.com · welivesecurity · 9 days ago · details

Turning Almost Nothing into a Supply Chain Compromise of Angular with GitHub Actions Cache Poisoning | Adnan Khan - Security Research

vulnerability

cache-poisoning cloud exploit google jwt node rce supply-chain

adnanthekhan.com · bugbountydaily · 10 days ago · details

Avira: Deserialize, Delete and Escalate - The Proper Way to Use an AV

vulnerability

bug-bounty cve deserialization dos exploit microsoft pentest privilege-escalation race-condition writeup

CVE-2026-27748 CVE-2026-27749 CVE-2026-27750

blog.quarkslab.com · Lucas Laise · 10 days ago · details

Python pitfalls: Turning developer mistakes into vulnerabilities

vulnerability

bug-bounty ctf cve exploit lfi rce writeup

CVE-2025-57403 CVE-2025-6278

yeswehack.com · bugbountydaily · 14 days ago · details

vinext: Vibe-Hacking Cloudflare's Vibe-Coded Next.js Replacement

vulnerability

auth-bypass bug-bounty cache-poisoning cloudflare dos exploit info-disclosure lfi open-redirect race-condition rce react ssrf

hacktron.ai · bugbountydaily · 14 days ago · details