Dark Reading

Critical Grandstream VoIP Bug Highlights SMB Security Blind Spot

CVE-2026-2329 allows unauthenticated root-level access to SMB phones, so attackers can intercept calls, commit toll fraud, and impersonate users.
Searchenginejournal.com

WooCommerce WordPress Plugin Exploit Enables Fraudulent Charges

The WooCommerce Square plugin enables WordPress sites to accept payments through the Square POS, as well as synchronize product inventory data between Square and WooCommerce. Square plugin enables a ...
The Hacker News

RondoDox Botnet Exploits Critical React2Shell Flaw to Hijack IoT Devices and Web Servers

Cybersecurity researchers have disclosed details of a persistent nine-month-long campaign that has targeted Internet of Things (IoT) devices and web applications to enroll them into a botnet known as ...
keengamer.com

Rainbow Six Siege X Hack Triggers Massive Credit Exploit, Ubisoft Rolls Back Accounts and ...

Ubisoft’s position is straightforward: players will not be punished for spending the R6 credits they received during the hack wave, because the fix is a transaction ...
Bleeping Computer

Windows Server emergency patches fix WSUS bug with PoC exploit

Microsoft has released out-of-band (OOB) security updates to patch a critical-severity Windows Server Update Service (WSUS) vulnerability with publicly available proof-of-concept exploit code. WSUS is ...
The Hacker News

Chinese Hackers Exploit ArcGIS Server as Backdoor for Over a Year

Threat actors with ties to China have been attributed to a novel campaign that compromised an ArcGIS system and turned it into a backdoor for more than a year. The activity, per ReliaQuest, is the ...
bitnewsbot

Chinese Cybercriminals Exploit IIS Servers for SEO Fraud, Data Theft

Chinese-speaking cybercrime group UAT-8099 exploits Microsoft IIS servers for SEO fraud and data theft across multiple countries using customized malware and advanced hacking tools. According to Cisco ...
CNX Software

Converting a disposable vape into a web server

People have been recycling batteries in disposable vapes for a while, but BogdanTheGeek has gone a lot of further, converting a specific model of disposable vape into a web server. How is that ...
TechSpot

This disposable vape just became a "smokin' fast" web server

Editor's take: Vapes aren't what they were a few years ago. Some now sport screens ranging from the basic – displaying charge and approximate puffs left – to elaborate LEDs showing brand logos with ...
AOL

Microsoft knew of SharePoint security flaw but failed to effectively patch it, timeline shows

LONDON (Reuters) -A security patch Microsoft released this month failed to fully fix a critical flaw in the U.S. tech giant's SharePoint server software, opening the door to a sweeping global cyber ...
Microsoft

Disrupting active exploitation of on-premises SharePoint vulnerabilities

July 23, 2025 update – Expanded analysis and threat intelligence from our continued monitoring of exploitation activity by Storm-2603 leading to the deployment of Warlock ransomware. Based on new ...
The Verge

Microsoft SharePoint servers are under attack because of a major security flaw

Government agencies and thousands of companies could be affected by the zero-day breach. Government agencies and thousands of companies could be affected by the zero-day breach. is a news writer ...