本周 Metasploit 框架的最新更新为渗透测试人员和红队成员带来重大增强，新增了七个针对常用企业软件的漏洞利用模块。本次更新的亮点包括三个针对 FreePBX 的复杂模块，以及针对 Cacti 和 SmarterMail 的关键远程代码执行（RCE）功能。 此次更新凸显了通过将认证绕 ...

Hackers are targeting developers by exploiting the critical vulnerability CVE-2025-11953 in the Metro server for React Native to deliver malicious payloads for Windows and Linux. On Windows, an ...

Ukraine’s Computer Emergency Response Team (CERT) says that Russian hackers are exploiting CVE-2026-21509, a recently patched vulnerability in multiple versions of Microsoft Office. On January 26, ...

Rajeev Dhir is a writer with 10+ years of experience as a journalist with a background in broadcast, print, and digital newsrooms. Betsy began her career in international finance and it has since ...

A hacking campaign took just days to exploit a newly disclosed security vulnerability in Microsoft Windows version of WinRAR, researchers at Check Point have said. The attackers leveraged ...

Adam Hayes, Ph.D., CFA, is a financial writer with 15+ years Wall Street experience as a derivatives trader. Besides his extensive derivative trading expertise, Adam is an expert in economics and ...

Infrastructure delivering updates for Notepad++—a widely used text editor for Windows—was compromised for six months by suspected China-state hackers who used their control to deliver backdoored ...