Bedrock said the root cause of the exploit has been “handled” and reassured users that all remaining assets were safe. Multi-asset liquid staking protocol Bedrock confirmed it fell victim to a ...

Threat actors are using public exploits for a critical authentication bypass flaw in ProjectSend to upload webshells and gain remote access to servers. The flaw, tracked as CVE-2024-11680, is a ...

OpenAI introduces EVMbench to measure AI crypto security. Benchmark evaluates detection, patching and exploit skills. OpenAI has launched a benchmarking system called EVMbench to evaluate how ...

A team of academic researchers has uncovered a new Android security exploit that raises a lot of questions about the platform’s permission system. The technique, named TapTrap, uses user interface ...

Fortinet is warning about a remote unauthenticated command injection flaw in FortiSIEM that has in-the-wild exploit code, making it critical for admins to apply the latest security updates. FortiSIEM ...

Hacker interest is high in a days-old vulnerability in widely used web application framework React, with dozens of organizations already falling victim to it, cybersecurity experts warn. See Also: ...

Two separate Mirai botnet campaigns are exploiting a critical flaw in a somewhat unlikely target. The Akamai Security Intelligence and Response Team recently observed exploitation of CVE-2025-24016, a ...

Multiple threat actors are actively targeting a recently disclosed maximum-severity security bug in the Aviatrix Controller centralized management platform for cloud networking. In a worst-case ...

Stealthy Apache Tomcat Critical Exploit Bypasses Security Filters: Are You at Risk? Your email has been sent Apache Tomcat is under attack as cybercriminals actively exploit a recently disclosed ...