Mail2Shell zero-click attack lets hackers hijack FreeScout mail servers

A maximum severity vulnerability in the FreeScout helpdesk platform allows hackers to achieve remote code execution without any user interaction or authentication.

CyberStrikeAI tool adopted by hackers for AI-powered attacks

Researchers warn that a newly identified open-source AI security testing platform called CyberStrikeAI was used by the same threat actor behind a recent campaign that breached hundreds of Fortinet ...

Destroyed servers and DoS attacks: What can happen when OpenClaw AI agents interact

Destroyed servers and DoS attacks: What can happen when OpenClaw AI agents interact ...
The Hacker News

How to Protect Your SaaS from Bot Attacks with SafeLine WAF

SafeLine self-hosted WAF blocks SaaS bot abuse with 99.45% accuracy, cutting fake sign-ups and stabilizing CPU usage.
The Hacker News

APT41-Linked Silver Dragon Targets Governments Using Cobalt Strike and Google Drive C2

Researchers link Silver Dragon APT to APT41 after attacks on government entities using Cobalt Strike, DNS tunneling, and ...
SecurityWeek

900 Sangoma FreePBX Instances Infected With Web Shells

Hackers exploited CVE-2025-64328, a FreePBX command injection vulnerability, to infect hundreds of instances with web shells.
SecurityWeek

Critical FreeScout Vulnerability Leads to Full Server Compromise

A critical-severity FreeScout vulnerability can be exploited for remote code execution without authentication or user interaction.
Science Daily

MIT scientists strip cancer of its sugar shield

Scientists at MIT and Stanford have unveiled a promising new way to help the immune system recognize and attack cancer cells more effectively. Their strategy targets a hidden “off switch” that tumors ...