Mail2Shell zero-click attack lets hackers hijack FreeScout mail servers

A maximum severity vulnerability in the FreeScout helpdesk platform allows hackers to achieve remote code execution without any user interaction or authentication.
The Hacker News

Fake Laravel Packages on Packagist Deploy RAT on Windows, macOS, and Linux

Malicious Packagist Laravel packages install a cross-platform RAT enabling remote shell access and system reconnaissance via C2 server.
IEEE

Show Me Your Code! Kill Code Poisoning: A Lightweight Method Based on Code Naturalness

Abstract: Neural code models (NCMs) have demonstrated extraordinary capabilities in code intelligence tasks. Meanwhile, the security of NCMs and NCMs-based systems has garnered increasing attention.
pcguide

Microsoft confirms worrying Remote Code Execution security flaw in Notepad and is rolling out a fix

When it comes to cybersecurity, Remote Code Execution is just about as bad as it gets, and that’s exactly what Microsoft has confirmed is affecting its Notepad app on Windows 11. The tech giant points ...
Bleeping Computer

Windows 11 Notepad flaw let files execute silently via Markdown links

If a user opened this Markdown file in Windows 11 Notepad versions 11.2510 and earlier and viewed it in Markdown mode, the above text would appear as a clickable link. If the link is clicked with ...
The Verge

Microsoft fixes Notepad flaw that could trick users into clicking malicious Markdown links

Bad actors could use the flaw to remotely load and execute malicious files on a victim’s computer. Bad actors could use the flaw to remotely load and execute malicious files on a victim’s computer. is ...
winbuzzer.com

Microsoft Patches High-Severity Notepad Remote Code Execution Flaw

Microsoft patched a high-severity command injection vulnerability in Windows Notepad through its February 2026 Patch Tuesday updates that allows attackers to execute malicious code remotely via ...
Computer Weekly

Researchers delve inside new SolarWinds RCE attack chain

Researchers at Huntress Security have published data on the exploitation of a critical SolarWinds Web Help Desk (WHD) vulnerability, revealing how in at least three known incidents, attackers ...
GameSpot

Helldivers 2 Is Teasing Something With A Mess Of Binary Code

GameSpot may get a commission from retail offers. Helldivers 2 doesn't give its players much of breather before throwing another invasion or intergalactic threat at them. Players across PlayStation 5, ...
Futurism

It Turns Out That When Waymos Are Stumped, They Get Intervention From Workers in the Philippines

Waymo has established itself as the autonomous ride-hailing service to beat, operating a fleet of several thousand self-driving taxis across the United States, with active services in ten major ...
GitHub

Lambda File Upload System with Web UI

Deploy the Lambda function. Create and configure API Gateway. Upload and host the HTML UI on S3. Here's a complete working AWS Lambda + UI project, including all code files and deployment steps. This ...