The Hacker News

Vulnerability | Breaking Cybersecurity News | The Hacker News

The elusive Iranian threat group known as Infy (aka Prince of Persia) has evolved its tactics as part of efforts to hide its tracks, even as it readied new command-and-control (C2) infrastructure ...
GitHub

Fast pickle-to-JSON transcoder for ZODB, implemented in Rust via PyO3.

Converts ZODB pickle records into human-readable, JSONB-queryable JSON while maintaining full roundtrip fidelity. Designed as the codec layer for a RelStorage JSONB storage backend. ZODB stores object ...
Deep

RapidFort Raises $42M for Automated Vulnerability Elimination

RapidFort announced $42 million in Series A funding led by Blue Cloud Ventures and Forgepoint Capital, with participation from prior lead investor Felicis Ventures. Additional participants include ...
GitHub

Unsafe JSON deserialization (__type__)

This score calculates overall vulnerability severity from 0 to 10 and is based on the Common Vulnerability Scoring System (CVSS). Attack vector: More severe the more the remote (logically and ...
Infosecurity-magazine.com

SolarWinds Web Help Desk Vulnerability Actively Exploited

A US security agency has warned SolarWinds Web Help Desk users that a remote code execution (RCE) vulnerability patched by the vendor last week is being actively exploited. The US Cybersecurity and ...
SecurityWeek

Fresh SolarWinds Vulnerability Exploited in Attacks

The critical-severity SolarWinds Web Help Desk flaw could lead to unauthenticated remote code execution. Threat actors are exploiting a critical-severity SolarWinds vulnerability that was patched last ...
Bleeping Computer

CISA flags critical SolarWinds RCE flaw as exploited in attacks

CISA has flagged a critical SolarWinds Web Help Desk vulnerability as actively exploited in attacks and ordered federal agencies to patch their systems within three days. Tracked as CVE-2025-40551, ...