Termite ransomware breaches linked to ClickFix CastleRAT attacks

Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.
The Hacker News

CISA Adds Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 to KEV Catalog

CISA adds VMware Aria Operations command injection flaw CVE-2026-22719 to KEV after reports of active exploitation; patches released by Broadcom.

Wikipedia hit by self-propagating JavaScript worm that vandalized pages

The Wikimedia Foundation suffered a security incident today after a self-propagating JavaScript worm began vandalizing pages and modifying user scripts across multiple wikis.
Dark Reading

VMware Aria Operations Bug Exploited, Cloud Resources at Risk

Exploitation of the command injection flaw in VMware Aria Operations could grant an attacker broad acess to victims' cloud ...
SecurityWeek

North Korean APT Targets Air-Gapped Systems in Recent Campaign

North Korean hacking group APT37 was seen deploying new implants, backdoors, and other tools in attacks targeting air-gapped ...
Invezz

OpenAI introduces EVMbench to measure AI crypto security

OpenAI introduces EVMbench to measure AI crypto security. Benchmark evaluates detection, patching and exploit skills. GPT-5.3-Codex beats GPT-5 in controlled exploit scenarios. OpenAI has launched a ...
GitHub

cerberussolution/facts-htb-writeup

This write-up details the exploitation of the Facts machine. The journey begins with web fuzzing, leads to exploiting two critical vulnerabilities in the Camaleon CMS for LFI and privilege escalation, ...
ZDNet

These 4 critical AI vulnerabilities are being exploited faster than defenders can respond

As AI adoption speeds ahead, major security flaws remain unsolved. Users and businesses should stay up to date on vulnerabilities. These four major issues still plague AI integration. AI systems are ...