News
-
Cloudflare patches ACME HTTP-01 validation bug that could bypass WAF
Cloudflare said in a blog post that on October 27, 2025 it fixed an ACME HTTP-01 validation bug that could disable WAF rules and allow requests to reach origin servers.
-
New vulnerability database db.gcve.eu launched to support European digital sovereignty
GCVE launched db.gcve.eu, a free public vulnerability database that integrates more than 25 data sources and uses a decentralized GNA numbering model. It offers a searchable catalog and an open API for tool integration.
-
PDFSider backdoor deployed on Fortune 100 finance firm network
A Resecurity technical analysis found PDFSider, a Windows backdoor, was used to deliver ransomware on a Fortune 100 finance firm’s network. The malware uses DLL side-loading, memory-only execution, DNS exfiltration, and AES-256-GCM encryption.
-
Fake NexShield extension crashes Chrome and Edge to push ModeloRAT
A Huntress technical analysis found that a fake ad blocker called NexShield crashed Chrome and Edge to push malicious commands and install ModeloRAT in corporate environments. Full system cleanup is advised for affected machines.
-
Researchers disclose Gemini prompt injection that used calendar invites to exfiltrate meeting data
A Miggo Security technical analysis shared with The Hacker News revealed an indirect prompt injection that used Google Calendar invites to extract private meeting details from Google Gemini. The flaw was fixed after responsible disclosure.
-
Tennessee man pleads guilty after hacking Supreme Court e-filing system and leaking VA and AmeriCorps data
A Tennessee man pleaded guilty after using stolen credentials to access the Supreme Court e-filing system at least 25 times and to breach AmeriCorps and VA accounts between August and October 2023, prosecutors said.
-
LOTUSLITE backdoor used in campaign targeting U.S. policy entities
Researchers disclosed a campaign on January 16, 2026 that used Venezuela-themed lures to deliver the LOTUSLITE backdoor to U.S. government and policy organizations via a ZIP archive and DLL side-loading. The campaign is attributed to Mustang Panda with moderate confidence.
-
CodeBreach misconfiguration in AWS CodeBuild could have exposed aws-sdk-js-v3 GitHub repo
A CodeBuild misconfiguration could have allowed takeover of AWS-managed GitHub repositories including the AWS JavaScript SDK. The flaw, dubbed CodeBreach, was fixed in September 2025 after responsible disclosure.







