The Hacker News

Sneeit WordPress RCE Exploited in the Wild While ICTBroadcast Bug Fuels Frost Botnet Attacks

Active exploits target Sneeit plugin CVE-2025-6389 and ICTBroadcast CVE-2025-2611, enabling RCE, backdoors, and Frost DDoS ...
SecurityWeek

Critical Apache Tika Vulnerability Leads to XXE Injection

CVE-2025-66516 is a critical Apache Tika vulnerability can be exploited on all platforms in XXE injection attacks via crafted ...
The Hacker News

Android Malware FvncBot, SeedSnatcher, and ClayRat Gain Stronger Data Theft Features

Researchers detail FvncBot, SeedSnatcher, and a stronger ClayRat that widen Android data theft and device control tactics.