CSO Online

ShadowV2 turns DDoS into a cloud-native subscription service

The DDoS-for-hire campaign exploits misconfigured Docker containers on AWS, using cloud-native environments for industrial ...
The Hacker News

ShadowV2 Botnet Exploits Misconfigured AWS Docker Containers for DDoS-for-Hire Service

ShadowV2 botnet exploits AWS Docker flaws using Python C2 and Go RAT, enabling sophisticated DDoS-for-hire attacks.
Hosted on MSN

Cast a hex on ChatGPT to trick the AI into writing exploit code

OpenAI's language model GPT-4o can be tricked into writing exploit code by encoding the malicious instructions in hexadecimal, which allows an attacker to jump the model's built-in security guardrails ...
The Hacker News

AI-Powered Villager Pen Testing Tool Hits 11,000 PyPI Downloads Amid Abuse Concerns

AI-powered Villager tool reached 11,000 PyPI downloads since July 2025, enabling scalable cyberattacks and complicating forensics.
Bleeping Computer

Hacker targets other hackers and gamers with backdoored GitHub code

A hacker targets other hackers, gamers, and researchers with exploits, bots, and game cheats in source code hosted on GitHub that contain hidden backdoors to give the threat actor remote access to ...
Bleeping Computer

Exploits for pre-auth Fortinet FortiWeb RCE flaw released, patch now

Proof-of-concept exploits have been released for a critical SQLi vulnerability in Fortinet FortiWeb that can be used to achieve pre-authenticated remote code execution on vulnerable servers. FortiWeb ...
Infosecurity-magazine.com

Attackers Target Japanese Firms with Cobalt Strike

Threat analysts have warned against a sophisticated cyber-intrusion campaign that predominantly targets organizations in Japan across the technology, telecommunications, entertainment, education and e ...