Glassworm botnet disrupted after resilient C2 infrastructure takedown

The Glassworm botnet targeting developers in software supply-chain attacks has been disrupted after researchers took down its ...

KnowledgeDeliver flaw exploited as a zero-day to install web shells

Hackers exploited a critical zero-day vulnerability in a server running the KnowledgeDeliver learning management system (LMS) to deploy the Godzilla web shell.
CSO Online

FastAPI-based AI tools exposed to authentication bypass by flaw in Starlette framework

Researchers who found the bug warn that its Moderate rating understates a threat reaching across LLM gateways, MCP servers ...
Dark Reading

Microsoft Issues Out-of-Band SharePoint Patch

SharePoint access often means access to the keys of the kingdom, something attackers and defenders understand all too well.
Microsoft

From poisoned search results to GPU mining: A cryptojacking campaign abusing ScreenConnect and Microsoft .NET utilities

Microsoft exposes a cryptojacking campaign using SEO poisoning and ScreenConnect to target high-performance PCs, with ...