Security Boulevard

Fake Huorong security site infects users with ValleyRAT

A convincing lookalike of the popular Huorong Security antivirus has been used to deliver ValleyRAT, a sophisticated Remote ...
Security Boulevard

Top Security Incidents of 2025: Chrome Browser 0-Day Vulnerability Exploitation

Background In March 2025, cybersecurity researchers disclosed a highly sophisticated targeted attack campaign named “Operation ForumTroll.” Orchestrated by an unidentified state-sponsored APT group, ...
HotHardware

Microsoft Office Zero-Day Exploited Days After Emergency Patch, Update ASAP

Microsoft Office is victim to a critical zero-day exploit, and Russian hacker groups are already weaponizing it in destabilizing efforts toward the Ukrainian government. While Westerners and most ...

Fake CAPTCHA Scam Tricks Windows Users Into Installing Malware

A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more.
HotHardware

Millions At Risk As Attackers Exploit This Alarming WinRAR Security Flaw

Remember the WinRAR path handling exploit we reported on back in August? According to Google, that same flaw, officially dubbed CVE-2025-8088, is still being actively exploited, even though versions ...
The Hacker News

⚡ Weekly Recap: Double-Tap Skimmers, PromptSpy AI, 30Tbps DDoS, Docker Malware & More

Zero-day exploits, AI-driven Android malware, firmware backdoors, password manager trust gaps, rising DDoS define this week’s critical cyber threats.
Game Rant

ARC Raiders Players Furious After Exploit Returns Just Days After Being Patched

After completing a degree in Film, Television, and Cultural Studies at Manchester Metropolitan University, I decided to pursue my love of writing and video games by entering the world of video game ...
CoinTelegraph

SwapNet exploit drains up to $13.3M from Matcha Meta users

Matcha Meta urged users to revoke one-time approvals for SwapNet’s router contract after a smart-contract vulnerability saw around $13.3 million stolen on the Base blockchain. Update, Jan. 27, 9:15 am ...
Kotaku

Steam Game Devs Call Exploit Allegations ‘Clickbait Exaggeration’ And ‘Malicious Defamation’

The developers behind a popular “open source MMO RTS sandbox game for programming enthusiasts” on Steam, named Screeps: World, have been forced to update their game “in order to protect both players” ...
Bleeping Computer

Critical n8n flaws disclosed along with public exploits

Multiple critical vulnerabilities in the popular n8n open-source workflow automation platform allow escaping the confines of the environment and taking complete control of the host server.
SiliconANGLE

Tens of thousands of OpenClaw systems exposed by misconfigurations and known exploits

A new report out today from security rating firm SecurityScorecard Inc. warns that widespread vulnerabilities in OpenClaw deployments have left tens of thousands of internet-facing instances exposed ...
Bleeping Computer

WinRAR path traversal flaw still exploited by numerous hackers

Multiple threat actors, both state-sponsored and financially motivated, are exploiting the CVE-2025-8088 high-severity vulnerability in WinRAR for initial access and to deliver various malicious ...