La Nacion

“Watering hole”: cómo funciona la técnica con la que hackers atacaron iPhones en EE.UU.

Una ola de ciberataques dirigidos a iPhones fue descubierta por investigaciones recientes que revelaron el uso de herramientas altamente sofisticadas capaces de tomar el control casi total de los ...
decrypt

Google Descubre DarkSword, el Exploit de iOS en Apple que Roba Credenciales de Coinbase, Binance y Ledger en iPhones

Google identificó DarkSword, un exploit que encadena 6 vulnerabilidades de iOS 18.4 a 18.7 para instalar malware cripto. El malware Ghostblade apunta a Coinbase, Binance, Kraken y wallets como Ledger, ...
The Hacker News

Why Security Validation Is Becoming Agentic

If you run security at any reasonably complex organization, your validation stack probably looks something like this: a BAS tool in one corner. A pentest engagement, or maybe an automated pentesting ...
IEEE

Toward Automatic Heap Exploit Generation by Using Heap Layout Constraints on Binary Programs

Abstract: Automatic exploit generation (AEG) is widely recognized as one of the most effective methods for assessing the risk level of vulnerabilities. To exploit heap-related vulnerabilities, it is ...
The Hacker News

CISA Flags Actively Exploited n8n RCE Bug as 24,700 Instances Remain Exposed

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting n8n to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of ...
GitHub

cve-2025-32433-exploit

This exploit script is designed to simplify exploitation of the Erlang/OTP SSH vulnerability CVE-2025-32433 in the TryHackMe lab environment.