SecurityWeek

Zast.AI Raises $6 Million for AI-Powered Code Security

Zast.AI has raised $6 million in funding to secure code through AI agents that identify and validate software vulnerabilities ...
HotHardware

Millions At Risk As Attackers Exploit This Alarming WinRAR Security Flaw

Remember the WinRAR path handling exploit we reported on back in August? According to Google, that same flaw, officially dubbed CVE-2025-8088, is still being actively exploited, even though versions ...
Ars Technica

Microsoft releases urgent Office patch. Russian-state hackers pounce.

Russian-state hackers wasted no time exploiting a critical Microsoft Office vulnerability that allowed them to compromise the devices inside diplomatic, maritime, and transport organizations in more ...
Bleeping Computer

WinRAR path traversal flaw still exploited by numerous hackers

Multiple threat actors, both state-sponsored and financially motivated, are exploiting the CVE-2025-8088 high-severity vulnerability in WinRAR for initial access and to deliver various malicious ...
Bleeping Computer

Microsoft patches actively exploited Office zero-day vulnerability

Microsoft has released emergency out-of-band security updates to patch a high-severity Microsoft Office zero-day vulnerability exploited in attacks. The security feature bypass vulnerability, tracked ...
Ars Technica

Notepad++ users take note: It’s time to check if you’re hacked

Infrastructure delivering updates for Notepad++—a widely used text editor for Windows—was compromised for six months by suspected China-state hackers who used their control to deliver backdoored ...