Not a Kids Game: From Roblox Mod to Compromising Your Company

Seemingly harmless game mods can hide infostealer malware that quietly steals identities. Flare shows how Roblox mods can ...

WinRAR path traversal flaw still exploited by numerous hackers

Multiple threat actors, both state-sponsored and financially motivated, are exploiting the CVE-2025-8088 high-severity ...
The Hacker News

ClickFix Attacks Expand Using Fake CAPTCHAs, Microsoft Scripts, and Trusted Web Services

ClickFix uses fake CAPTCHAs and a signed Microsoft App-V script to deploy Amatera stealer on enterprise Windows systems.
CSO Online

Critical RCE bugs expose the n8n automation platform to host‑level compromise

A JavaScript sandbox bug rated CVSS 9.9 enables attackers to bypass AST‑based protections, while a Python execution bypass ...
The Hacker News

Mustang Panda Deploys Updated COOLCLIENT Backdoor in Government Cyber Attacks

China-linked Mustang Panda used updated COOLCLIENT malware in 2025 espionage to steal data from government and telecom ...