A critical sandbox escape vulnerability has been unearthed within the vm2 library—a utility frequently employed as a JavaScript
The post The Async Escape: Critical 9.8 Flaw in vm2 Turns JavaScript Sandboxes Into Open Gateways appeared first on Penetration Testing Tools.
Ivanti has disseminated remedial updates addressing two critical zero-day vulnerabilities within its Endpoint Manager Mobile (EPMM) platform. At
The post Zero-Day Flaw: Why Ivanti’s 9.8-Rated “Bash” Flaws Are a Disaster for Mobile Security appeared first on Penetration Testing Tools.
The GnuPG Project has inaugurated a vital maintenance release, GnuPG 2.5.17, engineered to rectify a critical security deficit
The post S/MIME Stack Overflow: OpenAI Researchers Uncover “Highly Likely” RCE in GnuPG appeared first on Penetration Testing Tools.
A team of cybersecurity experts has unearthed two critically severe vulnerabilities within the n8n workflow automation platform. Both
The post Automation or Infiltration? The JFrog Discoveries Breaking n8n’s Security Sandboxes appeared first on Penetration Testing Tools.
The burgeoning popularity of the AI assistant Moltbot—formerly known as Clawdbot, a nomenclature abandoned following trademark disputes with
The post Agent of Chaos: Why Cybersecurity Experts Are Terrified of the “Viral” Moltbot AI Assistant appeared first on Penetration Testing Tools.
A cyberattack that initially garnered scant attention in Poland has since emerged as a pivotal signal for the
The post Beyond Blackouts: The ELECTRUM Strike on Poland and the New Era of “Digital Arson” appeared first on Penetration Testing Tools.
Cybersecurity specialists at Arctic Wolf have identified a nascent wave of incursions targeting Fortinet FortiGate firewalls. Adversaries are
The post Surgical Silence: The New Fortinet Zero-Day That Hijacks Firewalls in Seconds appeared first on Penetration Testing Tools.
In the preceding month, analysts at Barracuda have identified a flurry of sophisticated email-borne incursions targeting corporations and
The post The Invisible Mosaic: How Tycoon’s HTML QR Codes and Teams Scams Are Blinding Modern Defenses appeared first on Penetration Testing Tools.
Most Basic Penetration Testing Lab (MBPTL) A comprehensive, hands-on penetration testing lab designed to teach cybersecurity fundamentals through
The post Hacking the Basics: A 17-Flag Guide to the MBPTL Pen Testing Lab appeared first on Penetration Testing Tools.
The Google Threat Intelligence Group (GTIG) has disclosed the extensive exploitation of a critical vulnerability, designated CVE-2025-8088, residing
The post The Persistence of WinRAR: Google Warns of Widespread CVE-2025-8088 Attacks appeared first on Penetration Testing Tools.
Israel is poised to undergo one of the most profound transformations in its digital security landscape. Authorities have
The post Defending the Start-Up Nation: Israel Unveils First Permanent Cyber Law appeared first on Penetration Testing Tools.
The OpenSSL team has disseminated a comprehensive security advisory detailing a constellation of vulnerabilities afflicting the ubiquitous cryptographic
The post Memory Under Siege: OpenSSL Releases Urgent Patches for Critical Buffer Overflows appeared first on Penetration Testing Tools.
The cryptocurrency realm has imperceptibly acquired new “shadow bankers,” with a substantial portion of illicit digital assets now
The post Shadow Bankers of the Blockchain: The $16B Rise of Chinese Crypto-Laundering appeared first on Penetration Testing Tools.
Chinese state-affiliated hackers maintained illicit access to mobile devices belonging to personnel within the British Prime Minister’s residence
The post The Heart of Downing Street: China’s Salt Typhoon Infiltrates UK PMs’ Phones appeared first on Penetration Testing Tools.
The cybercriminals orchestrating the Kimwolf botnet appear intent on flaunting a truly monumental acquisition. A screenshot has surfaced
The post The Botnet Merger: Kimwolf Hijacks 10 Million Badbox 2.0 Devices appeared first on Penetration Testing Tools.
Meta has commenced the rollout of a novel WhatsApp feature designed to consolidate a suite of security settings
The post WhatsApp’s Great Migration: New Lockdown Mode and Rust-Powered Media Security appeared first on Penetration Testing Tools.
GHARF is an efficient support framework for Red Team exercises that applies the concept of CI/CD (Continuous Integration
The post Red Teaming at Scale: GHARF Automates the Attack Lifecycle via CI/CD appeared first on Penetration Testing Tools.
Social engineering offensives are undergoing a sophisticated metamorphosis—adversaries now amalgamate telephonic directives with dynamic phishing kits that facilitate
The post The Browser Puppeteer: New Vishing Kits Hijack Sessions in Real-Time appeared first on Penetration Testing Tools.
When the facade of a PayPal, Microsoft, or banking “support” number graces a smartphone screen, few perceive the
The post The Industrialized Scam: How Sinch and Microsoft Teams Power the Global Fraud Trade appeared first on Penetration Testing Tools.
The North Korean-aligned cyber-espionage syndicate Andariel has reasserted its presence through a sophisticated offensive targeting entities across Europe
The post The ERP Breach: North Korea’s Andariel Group Strikes Europe with New Malware appeared first on Penetration Testing Tools.
