The AI security nightmare is here and it looks suspiciously like lobster

A hacker tricked a popular AI coding tool into installing OpenClaw — the viral, open-source AI agent OpenClaw that “actually does things” — absolutely everywhere. Funny as a stunt, but a sign of what ...
SiliconANGLE

Tens of thousands of OpenClaw systems exposed by misconfigurations and known exploits

A new report out today from security rating firm SecurityScorecard Inc. warns that widespread vulnerabilities in OpenClaw deployments have left tens of thousands of internet-facing instances exposed ...
SecurityWeek

New Paper and Tool Help Security Teams Move Beyond Blind Reliance on CISA’s KEV Catalog

The cybersecurity of business is not the function of CISA. CISA’s remit is to raise the security of FECB agencies, and KEV is a notification to FECB agencies of those vulnerabilities that are both ...
Kotaku

Steam Game Devs Call Exploit Allegations ‘Clickbait Exaggeration’ And ‘Malicious Defamation’

The developers behind a popular “open source MMO RTS sandbox game for programming enthusiasts” on Steam, named Screeps: World, have been forced to update their game “in order to protect both players” ...
Infosecurity-magazine.com

Zero-Day Exploits Surge, Nearly 30% of Flaws Attacked Before Disclosure

Cyber attackers continue to speed up vulnerability exploitation and last year 28.96% of known exploited vulnerabilities (KEVs) identified by VulnCheck were exploited before being publicly disclosed, ...
CoinTelegraph

Saga pauses chainlet after $7M exploit that depegged its stablecoin

Saga’s US dollar-pegged stablecoin has dropped to $0.75, while the protocol's total value locked has fallen by around 55% over the past 24 hours. Layer-1 blockchain protocol Saga has paused its ...
Bleeping Computer

Exploit code public for critical FortiSIEM command injection flaw

Technical details and a public exploit have been published for a critical vulnerability affecting Fortinet's Security Information and Event Management (SIEM) solution that could be leveraged by a ...
Dark Reading

React2Shell Exploits Flood the Internet as Attacks Continue

A torrent of proof-of-concept (PoC) exploits for React2Shell has hit the internet following the vulnerability's disclosure last week, and while security researchers say most are fake, ineffective and ...
PC Gamer

'Quite a few things have taken us by surprise': Arc Raiders' wallhacks caught the devs off-guard as heaps of greedy players hunted for exploits

Third Person Shooter I finished Arc Raiders' new Shared Watch event in a single evening thanks to this one easy-to-craft item Fallout Fallout 76 devs were surprised the community turned out to be so ...
Nasdaq

Exploits Appoints Guy Bédard to Board

Veteran Mining Engineer Brings Technical Expertise and Deep Experience in Québec Neither the Canadian Securities Exchange nor its Regulation Service Provider (as the term is defined in the policies of ...
Infosecurity-magazine.com

React2Shell Exploit Campaigns Tied to North Korean Cyber Intrusion Tactics

Security researchers at Sysdig have observed new campaigns exploiting React2Shell which appear to have the hallmarks of North Korean hackers. React2Shell is a remote code execution vulnerability in ...
HHS

Exploit Attempts Surge for React2Shell

Hacker interest is high in a days-old vulnerability in widely used web application framework React, with dozens of organizations already falling victim to it, cybersecurity experts warn. See Also: ...