Dark Reading

Data Tool to Triage Exploited Vulnerabilities Can Make KEV More Useful

KEV Collider combines data from multiple open-source vulnerability frameworks to help cybersecurity teams assess which issues ...
The Hacker News

ThreatsDay Bulletin: Codespaces RCE, AsyncRAT C2, BYOVD Abuse, AI Cloud Intrusions & 15 ...

Key cyber updates on ransomware, cloud intrusions, phishing, botnets, supply-chain risks, and nation-state threat activity.
The Hacker News

Notepad++ Hosting Breach Attributed to China-Linked Lotus Blossom Hacking Group

Rapid7 links China-linked Lotus Blossom to a 2025 Notepad++ hosting breach that delivered the Chrysalis backdoor via hijacked updates, fixed in v8.8.9 ...
GitHub

Metasploit Exploit CVE Coverage

This repository provides a daily, automatically updated JSON dataset detailing which exploits within the Metasploit Framework are associated with specific Common Vulnerabilities and Exposures (CVE) ...

AI-powered cyberattack kits are 'just a matter of time,' warns Google exec

Security chief says criminals are already automating workflows, with full end-to-end tools likely within years ...
Bleeping Computer

Hackers exploit critical telnetd auth bypass flaw to get root

A coordinated campaign has been observed targeting a recently disclosed critical-severity vulnerability that has been present in the GNU InetUtils telnetd server for 11 years. The security issue is ...
GitHub

mr-bala-kavi/pentest-metasploitable2

This is a comprehensive penetration testing automation suite designed specifically for testing the Metasploitable2 vulnerable VM in a controlled lab environment. The suite orchestrates a complete ...
Dark Reading

Microsoft Fixes Exploited Zero Day in Light Patch Tuesday

Attackers are already exploiting one of the 57 vulnerabilities for which Microsoft issued a patch this week, and proof-of-concept (PoC) exploits are publicly available for two other vulnerabilities.