ZerOwl

WinRAR Path Traversal CVE-2025-8088 Actively Exploited, Google Warns Of Persistent Windows Access

A critical WinRAR vulnerability known as CVE-2025-8088 is being actively exploited by several threat actors to obtain and retain access to Windows

WinRAR Path Traversal CVE-2025-8088 Actively Exploited, Google Warns Of Persistent Windows Access

CYBER ATTACKJan 28, 2026

A critical WinRAR vulnerability known as CVE-2025-8088 is being actively exploited by several threat actors to obtain and retain access to Windows

OpenSSL Vulnerabilities Allow Remote Attackers to Execute Malicious Code

CYBER ATTACKZerowl

a major security alert that addresses several flaws in various iterations of its cryptographic library This article explores vulnerability openssl

OpenSSL Vulnerabilities Allow Remote Attackers to Execute Malicious Code

CYBER ATTACKJan 28, 2026

a major security alert that addresses several flaws in various iterations of its cryptographic library This article explores vulnerability openssl

Google Warns of WinRAR Vulnerability Exploited to Gain Control Over Windows System

CYBER ATTACKZerowl

One of the most popular Windows file compression programs, WinRAR, has a serious security flaw that has made it a popular tool for hackers looking

Google Warns of WinRAR Vulnerability Exploited to Gain Control Over Windows System

CYBER ATTACKJan 28, 2026

One of the most popular Windows file compression programs, WinRAR, has a serious security flaw that has made it a popular tool for hackers looking

Fortinet Patches CVE-2026-24858 After Active FortiOS SSO Exploitation Detected

CYBERSECURITYZerowl

In order to fix a serious vulnerability affecting FortiOS that has been actively exploited in the wild, Fortinet has started releasing security

Fortinet Patches CVE-2026-24858 After Active FortiOS SSO Exploitation Detected

CYBERSECURITYJan 28, 2026

In order to fix a serious vulnerability affecting FortiOS that has been actively exploited in the wild, Fortinet has started releasing security

Critical Vulnerability in VM2 Sandbox Library for Node.js Let Attackers run Untrusted Code

CYBER ATTACKZerowl

VM2 has been found to have a critical sandbox escape vulnerability This article explores vulnerability vm2 sandbox. .

Critical Vulnerability in VM2 Sandbox Library for Node.js Let Attackers run Untrusted Code

CYBER ATTACKJan 28, 2026

VM2 has been found to have a critical sandbox escape vulnerability This article explores vulnerability vm2 sandbox. .

16 Malevolent Chrome Add-ons Posing as ChatGPT Enhancers Steal User Information

CYBER ATTACKZerowl

16 malicious Chrome browser extensions that pose as ChatGPT productivity enhancers were part of a coordinated campaign.

16 Malevolent Chrome Add-ons Posing as ChatGPT Enhancers Steal User Information

CYBER ATTACKJan 28, 2026

16 malicious Chrome browser extensions that pose as ChatGPT productivity enhancers were part of a coordinated campaign.

Facebook, WhatsApp, and Instagram Will Test New Premium Subscriptions

CYBER ATTACKZerowl

In order to increase productivity, creativity, and AI-driven interactions, Meta is preparing to launch premium subscription tiers for its flagship

Facebook, WhatsApp, and Instagram Will Test New Premium Subscriptions

CYBER ATTACKJan 28, 2026

In order to increase productivity, creativity, and AI-driven interactions, Meta is preparing to launch premium subscription tiers for its flagship

The G_Wagon npm package uses an obfuscated payload to attack users and steal their browser credentials.

CYBER ATTACKZerowl

Security researchers found a risky npm package called ansi-universal-ui on January 23, 2026, which posed as a genuine user interface component

The G_Wagon npm package uses an obfuscated payload to attack users and steal their browser credentials.

CYBER ATTACKJan 28, 2026

Security researchers found a risky npm package called ansi-universal-ui on January 23, 2026, which posed as a genuine user interface component

A New Watering Hole Attack Targets EmEditor Users Distributing Malware for Stealers

CYBER ATTACKZerowl

An advanced watering hole attack that targets users of EmEditor, a widely used Windows text editor that is preferred by developers, particularly in

A New Watering Hole Attack Targets EmEditor Users Distributing Malware for Stealers

CYBER ATTACKJan 27, 2026

An advanced watering hole attack that targets users of EmEditor, a widely used Windows text editor that is preferred by developers, particularly in

Hackers Take Advantage of Teams Features to Steal Credentials Copying Microsoft Services

CYBER ATTACKZerowl

Threat actors are using Microsoft Teams' legitimate features to spread malicious content that looks to be from reliable Microsoft services in a

Hackers Take Advantage of Teams Features to Steal Credentials Copying Microsoft Services

CYBER ATTACKJan 27, 2026

Threat actors are using Microsoft Teams' legitimate features to spread malicious content that looks to be from reliable Microsoft services in a

Top 5 this week

North Korean Hackers Compromise Popular Axios Package to Infect Windows, macOS, and Linux

CYBER ATTACKZerowl

North Korean Hackers Compromise Popular Axios Package to Infect Windows, macOS, and Linux

LinkedIn Hidden Code Secretly Searches Your Browser for Installed Extensions

CYBER ATTACKZerowl

LinkedIn Hidden Code Secretly Searches Your Browser for Installed Extensions

Hackers Weaponize Claude Code Leak to Spread Vidar and GhostSocks Malware

CYBER ATTACKZerowl

Hackers Weaponize Claude Code Leak to Spread Vidar and GhostSocks Malware

Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS

CYBERSECURITYZerowl

Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS

Anthropic Officially Terminates Claude Subscriptions Used by Tools Like OpenClaw

CYBER ATTACKZerowl

LATEST

WinRAR Path Traversal CVE-2025-8088 Actively Exploited, Google Warns Of Persistent Windows Access

WinRAR Path Traversal CVE-2025-8088 Actively Exploited, Google Warns Of Persistent Windows Access

OpenSSL Vulnerabilities Allow Remote Attackers to Execute Malicious Code

OpenSSL Vulnerabilities Allow Remote Attackers to Execute Malicious Code

Google Warns of WinRAR Vulnerability Exploited to Gain Control Over Windows System

Google Warns of WinRAR Vulnerability Exploited to Gain Control Over Windows System

Fortinet Patches CVE-2026-24858 After Active FortiOS SSO Exploitation Detected

Fortinet Patches CVE-2026-24858 After Active FortiOS SSO Exploitation Detected

Critical Vulnerability in VM2 Sandbox Library for Node.js Let Attackers run Untrusted Code

Critical Vulnerability in VM2 Sandbox Library for Node.js Let Attackers run Untrusted Code

16 Malevolent Chrome Add-ons Posing as ChatGPT Enhancers Steal User Information

16 Malevolent Chrome Add-ons Posing as ChatGPT Enhancers Steal User Information

Facebook, WhatsApp, and Instagram Will Test New Premium Subscriptions

Facebook, WhatsApp, and Instagram Will Test New Premium Subscriptions

The G_Wagon npm package uses an obfuscated payload to attack users and steal their browser credentials.

The G_Wagon npm package uses an obfuscated payload to attack users and steal their browser credentials.

A New Watering Hole Attack Targets EmEditor Users Distributing Malware for Stealers

A New Watering Hole Attack Targets EmEditor Users Distributing Malware for Stealers

Hackers Take Advantage of Teams Features to Steal Credentials Copying Microsoft Services

Hackers Take Advantage of Teams Features to Steal Credentials Copying Microsoft Services

Top 5 this week

North Korean Hackers Compromise Popular Axios Package to Infect Windows, macOS, and Linux

North Korean Hackers Compromise Popular Axios Package to Infect Windows, macOS, and Linux

LinkedIn Hidden Code Secretly Searches Your Browser for Installed Extensions

LinkedIn Hidden Code Secretly Searches Your Browser for Installed Extensions

Hackers Weaponize Claude Code Leak to Spread Vidar and GhostSocks Malware

Hackers Weaponize Claude Code Leak to Spread Vidar and GhostSocks Malware

Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS

Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS

Anthropic Officially Terminates Claude Subscriptions Used by Tools Like OpenClaw

Anthropic Officially Terminates Claude Subscriptions Used by Tools Like OpenClaw