Critical SolarWinds Serv-U flaws offer root access to servers

SolarWinds has patched four critical Serv-U remote code execution vulnerabilities that could grant attackers root access to unpatched servers.
Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...

Judge bars government from ‘wholesale’ search of Washington Post reporter’s seized devices

A magistrate judge has barred federal authorities from conducting an unsupervised, wholesale search of electronic devices that they seized from a Washington Post reporter’s Virginia home while investi ...
The Hacker News

ThreatsDay Bulletin: OpenSSL RCE, Foxit 0-Days, Copilot Leak, AI Password Flaws & 20+ Stories

ThreatsDay Bulletin tracks active exploits, phishing waves, AI risks, major flaws, and cybercrime crackdowns shaping this week’s threat landscape.
The Hacker News

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...
Forbes

How To Use A Mobile Wallet

Robin has worked as a credit cards, editor and spokesperson for over a decade. Prior to Forbes Advisor, she also covered credit cards and related content for other national web publications including ...