WinRAR Zero-Day Under Active Exploitation – Update to Latest Version Immediately

/in

The maintainers of the WinRAR file archiving utility have released an update to address an actively exploited zero-day vulnerability.
Tracked as CVE-2025-8088 (CVSS score: 8.8), the issue has been described as a case of path traversal affecting the Windows version of the tool that could be exploited to obtain arbitrary code execution by crafting malicious archive files.
“When extracting a file,

The Hacker News – ​Read More

I tested GPT-5’s coding skills, and it was so bad that I’m sticking with GPT-4o (for now)

/in

In my latest coding benchmark, GPT-5 stumbled badly, delivering broken plugins, flawed scripts, and confidence-laden wrong answers that could derail projects without careful human oversight. Here’s what to know before you use it.

Latest news – ​Read More

Security flaws in a carmaker’s web portal let one hacker remotely unlock cars from anywhere

/in

Security researcher Eaton Zveare told TechCrunch that the flaws he discovered in the carmaker’s centralized dealer portal exposed vast access to customer and vehicle data. With this access, Zveare said he could remotely take over a customer’s account and unlock their cars, and more.

Security News | TechCrunch – ​Read More

New Win-DDoS Flaws Let Attackers Turn Public Domain Controllers into DDoS Botnet via RPC, LDAP

/in

A novel attack technique could be weaponized to rope thousands of public domain controllers (DCs) around the world to create a malicious botnet and use it to conduct power distributed denial-of-service (DDoS) attacks.
The approach has been codenamed Win-DDoS by SafeBreach researchers Or Yair and Shahak Morag, who presented their findings at the DEF CON 33 security conference today.
“As we

The Hacker News – ​Read More

Bouygues Telecom Hit by Cyberattack, 6.4 Million Customers Affected

/in

A cyberattack on Bouygues Telecom exposed data for 6.4 million customers. Find out what information was compromised and…

Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – ​Read More

Researchers Detail Windows EPM Poisoning Exploit Chain Leading to Domain Privilege Escalation

/in

Cybersecurity researchers have presented new findings related to a now-patched security issue in Microsoft’s Windows Remote Procedure Call (RPC) communication protocol that could be abused by an attacker to conduct spoofing attacks and impersonate a known server.
The vulnerability, tracked as CVE-2025-49760 (CVSS score: 3.5), has been described by the tech giant as a Windows Storage spoofing bug

The Hacker News – ​Read More

After researchers unmasked a prolific SMS scammer, a new operation has emerged in its wake

/in

Security researchers are now sounding the alarm on a new SMS text message fraud operation, which is surging in popularity — and its ability to steal people’s credit cards — since the demise of its predecessor.

Security News | TechCrunch – ​Read More

AgentFlayer 0-click exploit abuses ChatGPT Connectors to Steal 3rd-party app data

/in

AgentFlayer is a critical vulnerability in ChatGPT Connectors. Learn how this zero-click attack uses indirect prompt injection to…

Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – ​Read More

I’ve tested every iPad sold by Apple right now – here’s the model I recommend most

/in

Apple’s 11th-generation iPad is still the best and most accessible tablet to date. And at this price, it makes the Pro that much harder to justify.

Latest news – ​Read More

I changed these 6 settings on my iPad to significantly improve its battery life

/in

Getting more out of your tablet in a day means more work and more play.

Latest news – ​Read More