AI-powered cyberattack kits are 'just a matter of time,' warns Google exec

Security chief says criminals are already automating workflows, with full end-to-end tools likely within years CISOs must ...
CRN

Is The Metasploit Hacking Tool Too Good?

Next month, Moore will raise the already-high stakes when Metasploit releases a new piece of code--called eVade-o-Matic--that makes it harder for intrusion-detection systems and antivirus software to ...
eWeek

Metasploit Adds Wi-Fi Exploits

eSpeaks’ Corey Noles talks with Rob Israch, President of Tipalti, about what it means to lead with Global-First Finance and how companies can build scalable, compliant operations in an increasingly ...

How smarter scams exploit Wi-Fi — and what you can do about it

Sensitive data can be stolen within minutes ...
Bleeping Computer

RondoDox botnet exploits React2Shell flaw to breach Next.js servers

The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js servers with malware and cryptominers. First documented by Fortinet in July ...

Microsoft Copilot reprompt exploit allowed attackers to steal your AI data

Varonis Threat Labs has published a report detailing a now patched security exploit discovered in Copilot that let attackers ...
The New York Times

How Russia’s War Machine Brutalizes and Exploits Its Own Soldiers

In hundreds of official complaints, inadvertently posted online by the Russian government, soldiers and their loved ones describe a lawless and violent military apparatus that abuses its own troops to ...
Dark Reading

John Strand

John Strand is a senior instructor with the SANS Institute. He teaches SEC504: Hacker Techniques, Exploits, and Incident Handling; SEC560: Network Penetration Testing and Ethical Hacking; SEC580: ...