The Hacker News

Fake OSINT and GPT Utility GitHub Repos Spread PyStoreRAT Malware Payloads

PyStoreRAT spreads via fake GitHub tools using small Python or JavaScript loaders to fetch HTA files and install a modular ...
SecurityWeek

Unpatched Gogs Zero-Day Exploited for Months

Threat actors have exploited a zero-day vulnerability in the Gogs self-hosted Git service to compromise over 700 ...

Hackers exploit unpatched Gogs zero-day to breach 700 servers

An unpatched zero-day vulnerability in Gogs, a popular self-hosted Git service, has enabled attackers to gain remote code ...
The Hacker News

Unpatched Gogs Zero-Day Exploited Across 700+ Instances Amid Active Attacks

Unpatched Gogs flaw CVE-2025-8110 enables file overwrite and code execution, driving over 700 confirmed compromises.
HealthcareInfoSecurity

Zero Day: 700 Instances of Self-Hosted Git Service Exploited

An attacker has been exploiting a zero-day vulnerability in Gogs, an open-source and popular Git service that allows for self ...

Microsoft Worm Attack Warning — Act Rapidly And Change Passwords Now

Rapidly change your password, the Microsoft security team urges as Shai-Hulud Dune Worm cloud attacks continue.

IT Ministry warns VPN providers to block sites ‘leaking’ Indians’ data

Large paid VPN firms like ExpressVPN and NordVPN shifted their “India” servers to Singapore, buying Internet Protocol (IP) ...
Daijiworld

Centre asks VPN firms to block sites leaking Indian user data

The Ministry of Electronics and Information Technology (MeitY) has issued a warning to Virtual Private Network (VPN) service ...
TMCnet

Intruder Uncovers New Secrets Detection Techniques, Finds Thousands of Exposed Tokens Unaddressed by Traditional Methods

Intruder's improved secrets detection checks critically sensitive secrets exposed by application front-ends, via spidering: systematically crawling through websites to find all exposures. It is now ...

Jira Alternative: Plane 1.2.0 Migrates from Next.js to React Router and Vite

Plane 1.2.0 rebuilt its frontend stack, migrating from Next.js to React Router and Vite, and fixed critical security ...
Hackaday

This Week In Security: Hornet, Gogs, And Blinkenlights

Microsoft has published a patch-set for the Linux kernel, proposing the Hornet Linux Security Module (LSM). If you haven’t ...
OfficeChai

Chinese AI Startup Z.AI Releases AutoGLM-Phone Model To Control Phones With Natural Language

Chinese AI companies aren’t only creating foundational models that compete with their US counterparts, but they’re also ...