GitHub

motioneye_auth_rce_cve_2025_60787.rb

This module exploits a template injection vulnerability in the MotionEye Frontend. MotionEye Frontend versions 0.43.1b4 and prior are vulnerable to OS Command Injection in configuration parameters ...
The Verge

Microsoft is threatening legal action for disclosing exploits

The company is feuding with a security researcher publicly posting vulnerabilities. The company is feuding with a security researcher publicly posting vulnerabilities. is the Verge’s weekend editor.
The Hacker News

Threat Actors Exploit Critical FortiClient EMS Flaw to Deploy Credential Stealer

Threat actors are continuing to exploit a critical, now-patched security flaw impacting FortiClient Endpoint Management Server (EMS) deployments to deliver a credential-stealing malware family dubbed ...
Dark Reading

AI-Assisted Exploit Development Outpaces Scanner Detection

Attackers have reduced the time to develop an exploit for a known vulnerability from 125 days to a mere half a day, thanks to the use of AI-assisted development, leaving vulnerability scanners ...
Ars Technica

Millions of AI agents imperiled by critical vulnerability in open source package

Millions of AI agents and tools around the world have been imperiled by a critical vulnerability that can allow hackers to breach the servers running them and make off with sensitive data and ...
SecurityWeek

Nation-State iOS Exploit Kit ‘Coruna’ Found Powering Global Attacks

Google and iVerify analysis reveals a powerful exploit kit originally used by Russian state actors that is now appearing in broader criminal campaigns. Multiple iOS exploits and five exploit chains ...