KelpDAO was exploited for approximately $294 million via its rsETH bridge contract, with the attacker converting minted rsETH into 106,467 ETH and creating a potential $236M bad debt for Aave.

This repository contains a Spring Boot web application vulnerable to CVE-2021-44228, nicknamed Log4Shell. It uses Log4j 2.14.1 (through spring-boot-starter-log4j2 2.6.1) and the JDK 1.8.0_181. [+] ...

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. This voice experience is generated by AI. Learn more. This ...

Orca Security, the pioneer in agentless cloud security, today released its 2026 State of Application Security Report, finding that while organizations are accelerating cloud-native development and AI ...

Today’s attack surface is shifting from the endpoint to the API, and AI and third-party SaaS are worsening the issue. CISOs offer advice for API defense. Recent breaches suggest attackers are shifting ...

The Coruna exploit kit is an evolution of the framework used in the Operation Triangulation espionage campaign, which in 2023 targeted iPhones via zero-click iMessage exploits. The software has been ...

A new exploit kit for iOS devices and delivery framework dubbed “DarkSword” has been used to steal a wide range of personal information, including data from cryptocurrency wallet apps. DarkSword ...

Qualcomm confirmed that fixes for the GBL exploit were provided to Android device makers earlier this month. The exploit, discovered by Xiaomi ShadowBlade Security Lab, was a key component in ...

Google and iVerify analysis reveals a powerful exploit kit originally used by Russian state actors that is now appearing in broader criminal campaigns. Multiple iOS exploits and five exploit chains ...

Thousands of iPhones were compromised using the Coruna exploit kit, which chained 23 iOS vulnerabilities into advanced attacks used for espionage and cybercrime. An iOS exploit framework has revealed ...

Researchers say fake crypto websites deployed an iOS exploit kit capable of stealing wallet seed phrases and other financial data. Threat researchers at Google say they have uncovered a new exploit ...

This iOS 'Exploit' Kit Can Hack Vulnerable iPhones Using 23 Different Attacks Security researchers discover the 'Coruna' exploit kit running on malicious Chinese websites that were able to secretly ...