access ai android api apple attack authentication backdoor breach business ceo china cisa cisco ciso cloud compliance control credentials crypto cve cyber cyberattack cybercrime cybersecurity data data-breach defense detection email exploit finance flaw framework fraud germany google governance government group hacker hacking healthcare identity infrastructure intelligence Internet jobs law leak linux malicious malware microsoft monitoring network open-source password phishing privacy ransomware remote-code-execution resilience risk russia scam service software strategy supply-chain technology theft threat tool unclassified update usa vulnerability windows zero-day
-
Android Ad Fraud Operation Generates 659M Bid Requests
Researchers Identify 455 Malicious Apps Tied to Global Malvertising Campaign. Cybercriminals used malicious Android apps to funnel unwitting users to an ad fraud scam that generated up to 659 million daily bid requests, reports Human Security. The scam has spanned 455 malicious Android apps and is linked to 183 threat actor-owned command-and-control domains. First seen…
-
Signal-Affäre: Klassische IT-SupportAttacken auf Bundestagsabgeordnete
Tags: phishingFirst seen on datensicherheit.de Jump to article: www.datensicherheit.de/signal-affaere-it-support-phishing-attacke-bundestagsabgeordnete also interesting: Flipper Zero WiFi attack can unlock and steal Tesla cars Developers Beware! Fake Job Offers from Legitimate Github Address Angreifer umgehen Virenscan mittels beschädigter Word-Dokumente Salty2FA Takes Phishing Kits to Enterprise Level
-
KI: Zahlungsbereitschaft der Nutzer vor allem für leistungsfähigere Modelle gestiegen
Tags: aiFirst seen on datensicherheit.de Jump to article: www.datensicherheit.de/ki-zahlungsbereitschaft-nutzer-leistungsfahigkeit-modelle-anstieg also interesting: 3 Tips for Becoming the Champion of Your Organization’s AI Committee What Microsoft Knows About AI Security That Most CISOs Don’t? Eat or be eaten by AI, Amazon CEO warns staff AI Tackles Binary Code Challenges to Fortify Supply Chain Security
-
CISA credential leak raises alarms, and Capitol Hill demands answers
A researcher who found a repository that leaked on GitHub said it was one of the worst he’s witnessed. First seen on cyberscoop.com Jump to article: cyberscoop.com/cisa-credential-leak-congress-demands-answers/ also interesting: Why honeypots deserve a spot in your cybersecurity arsenal CISA GitHub Leak Exposes AWS GovCloud Secrets The Problem of Permissions and Non-Human Identities – Why Remediating…
-
Verizon DBIR: Enterprises Face a Dangerous Vulnerability Glut
Verizon’s 2026 Data Breach Investigations Report (DBIR) finds that exploits are now involved in 31% of initial access for breaches, while patching lags too far behind the bad guys. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/verizon-dbir-enterprises-vulnerability-glut also interesting: 10 most critical LLM vulnerabilities Privacy Roundup: Week 1 of Year 2025 25 on 2025: APAC…
-
Cybercrime service disrupted for abusing Microsoft platform to sign malware
Microsoft says it has disrupted a malware-signing-as-a-service (MSaaS) operation that abused the company’s Artifact Signing service to generate fraudulent code-signing certificates used by ransomware gangs and other cybercriminals. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cybercrime-service-disrupted-for-abusing-microsoft-platform-to-sign-malware/ also interesting: Microsoft Teams vishing attacks trick employees into handing over remote access 25 on 2025: APAC security thought…
-
Cybercrime service disrupted for abusing Microsoft platform to sign malware
Microsoft says it has disrupted a malware-signing-as-a-service (MSaaS) operation that abused the company’s Artifact Signing service to generate fraudulent code-signing certificates used by ransomware gangs and other cybercriminals. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cybercrime-service-disrupted-for-abusing-microsoft-platform-to-sign-malware/ also interesting: Cybersecurity Snapshot: Global Agencies Target Criminal “Bulletproof” Hosts, as CSA Unveils Agentic AI Risk Framework Microsoft Patch…
-
Max-severity flaw in ChromaDB for AI apps allows server hijacking
A max-severity vulnerability in the latest Python FastAPI version of the ChromaDB project allows unauthenticated attackers to run arbitrary code on exposed servers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/max-severity-flaw-in-chromadb-for-ai-apps-allows-server-hijacking/ also interesting: Azure Storage Utility Vulnerability Allows Privilege Escalation to Root Access Critical Flaws in Base44 Exposed Sensitive Data and Allowed Account Takeovers GitHub…
-
New CEO Joe Diamond Pushes Axonius Beyond Asset Management
Axonius Wants Enterprises to Spot Assets and Automate Remediation From One Platform. New Axonius CEO Joe Diamond said the New York-based company is evolving from asset management to asset intelligence by combining visibility, contextual correlation and automated remediation across IT, IoT, OT and emerging AI agent environments. Diamond takes over from founding CEO Dean Sysman.…
-
Public NYC Health System Notifying 1.8M of Hack
Incident Involved an Unnamed Third-Party Vendor. New York City’s municipal healthcare system is notifying nearly 2 million patients of a hacking incident discovered earlier this year involving a third-party vendor. The breach compromised a long list of information, including biometric data such as fingerprints. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/public-nyc-health-system-notifying-18m-hack-a-31726 also interesting: The…
-
Judges Clash Over Pentagon’s Anthropic Ban
Appeals Court Weighs Pentagon Authority Over Frontier AI Providers. A majority of judges on a U.S. federal appeals court appeared disposed to allowing Defense Secretary Pete Hegseth to bar Anthropic from future military work for posing national security risk. Oral argument held Tuesday in the U.S. Court of Appeals for the D.C. Circuit was Anthropic’s…
-
LogicMonitor und Deutsche Telekom bauen AI-First-Observability und Managed Services aus
Deutsche Telekom setzt auf KI-Offensive: Die Ausweitung der Partnerschaft ist Teil des modularen und herstellerunabhängigen Managed-Services-Portfolios. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/logicmonitor-und-deutsche-telekom-bauen-ai-first-observability-und-managed-services-aus/a45191/ also interesting: How AI red teams find hidden flaws before attackers do Ukraine sees surge in AI-Powered cyberattacks by Russia-linked Threat Actors How a Single Overprivileged Service Turned the LexisNexis Breach…
-
Windows Zero-Day Barrage Continues After Patch Tuesday
YellowKey, GreenPlasma, and MiniPlasma add to the growing list of vulnerabilities a security researcher disclosed over the past six weeks. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/windows-zero-day-barrage-continues-after-patch-tuesday also interesting: Microsoft Windows WebDAV 0-Day RCE Vulnerability Actively Exploited in The Wild Gladinet file sharing zero-day brings patched flaw back from the dead April Patch Tuesday…
-
Europe Prepares to Hunker Down Against Bug Finding AI Models
Commission VP Henna Virkkunen Pledges Action in Tuesday Parliamentary Session. The European Commission is defending its response to the advent of artificial intelligence models with strong cybersecurity bug dissecting capabilities while promising measures to protect the European Union from what many expect to be an imminent onslaught of AI-powered attacks. First seen on govinfosecurity.com Jump…
-
AI Agent Security: Automating Workflow Without Creating Prompt Injection or Data Leak Risks
AI agent security starts with a simple fact: the more authority an agent has, the tighter its access… First seen on hackread.com Jump to article: hackread.com/ai-agent-security-automating-prompt-injection-data-leak/ also interesting: Copilot diagrams could leak corporate emails via indirect prompt injection Cybersecurity Snapshot: AI Will Take Center Stage in Cyber in 2026, Google Says, as MITRE Revamps ATTCK…
-
Hackers have compromised dozens of popular open source packages in an ongoing supply-chain attack
The attacks are part of a wider campaign known as Mini Shai-Hulud, which has already compromised several open source projects and, in turn, developers and companies that use them. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/19/hackers-have-compromised-dozens-of-popular-open-source-packages-in-an-ongoing-supply-chain-attack/ also interesting: Starbucks operations hit after ransomware attack on supply chain software vendor Top 12 ways hackers broke…
-
From teen hacker to Iron Dome researcher, this founder raised $28M to fight AI phishing
Ocean, an agentic email security platform, raised funding from Lightspeed Venture Partners. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/19/from-teen-hacker-to-iron-dome-researcher-this-founder-raised-28m-to-fight-ai-phishing/ also interesting: AWS customers face massive breach amid alleged ShinyHunters regroup Cybersecurity Snapshot: Tenable Report Spotlights Cloud Exposures, as Google Catches Pro-Russia Hackers Impersonating Feds TDL001 – Cybersecurity Explained: Privacy, Threats, and the Future –…
-
Discord enables endend encrypted voice and video calling for every user
Tags: communicationsGood news! Discord’s hundreds of millions of users now have their communications scrambled, so not even Discord can see them. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/19/discord-enables-end-to-end-encrypted-voice-and-video-calling-for-every-user/ also interesting: In Other News: China’s Undersea Spying, Hotel Spyware, Iran’s Disruptive Attacks CISA Released Secure Mobile Communication Best Practices 2025 UN agency’s job application database breached,…
-
Attackers hit vulnerabilities hard last year, making exploits the top entry point for breaches
Verizon’s annual Data Breach Investigations Report uncovered a surge of exploited vulnerabilities, and a growing lack of critical defect remediation industrywide. First seen on cyberscoop.com Jump to article: cyberscoop.com/verizon-data-breach-investigations-report-2026/ also interesting: Cloud Data Protection: How DSPM Helps You Discover, Classify and Secure All Your Data Assets Barts Health NHS discloses data breach after Oracle zero-day…
-
CISA Exposes Secrets, Credentials in ‘Private’ Repo
The agency’s GitHub repository, publicly available since November 2025, was ironically named Private-CISA. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/cisa-exposes-secrets-credentials-private-repo also interesting: Cybersecurity Snapshot: CISA Analyzes Malware Used in SharePoint Attacks, as U.K. Boosts Cyber Assessment Framework Cybersecurity Snapshot: CISA Analyzes Malware Used in SharePoint Attacks, as U.K. Boosts Cyber Assessment Framework CISA Admin…
-
FBI: Americans lost over $388 million to scams using crypto ATMs in 2025
The FBI says Americans have lost over $388 million last year to scams using cryptocurrency kiosks, also known as crypto ATMs or Bitcoin ATMs. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fbi-americans-lost-over-388-million-to-scams-using-crypto-atms-in-2025/ also interesting: FBI’s 2023 Cryptocurrency Fraud Report: $5.6 Billion Lost in Exploding Investment Scams Cryptocurrency wallet drainers stole $494 million in 2024 The…
-
Discord rolls out endend encryption on voice, video calls
Tags: encryptionDiscord announced that all voice and video calls through the communication platform are now protected by default with end-to-end encryption (E2EE). First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/discord-rolls-out-end-to-end-encryption-on-voice-video-calls/ also interesting: Telegram is NOT an Encrypted Messaging App, Must-See Documentaries Gratis-Tool: Sicherheitsforscher knacken ShrinkLocker-Verschlüsselung Zoom Adding Post-Quantum End-to-End Encryption To All Products HybridPetya-Ransomware knackt Windows…
-
Discord rolls out endend encryption on voice, video calls
Tags: encryptionDiscord announced that all voice and video calls through the communication platform are now protected by default with end-to-end encryption (E2EE). First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/discord-rolls-out-end-to-end-encryption-on-voice-video-calls/ also interesting: Neue VanHelsing-Ransomware breitet sich rasant aus Thales Named an Overall Leader in 2025 KuppingerCole Leadership Compass for Enterprise Secrets Management Windows BitLocker Flaws Allow…
-
CISA GitHub Leak Exposes AWS GovCloud Secrets
A public GitHub repository tied to a CISA contractor reportedly exposed AWS GovCloud credentials and internal deployment data. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/cisa-github-leak-exposes-aws-govcloud-secrets/ also interesting: Why honeypots deserve a spot in your cybersecurity arsenal Wiz’s Security GraphDB vs. DeepTempo’s LogLM What to Know About CyberAv3ngers: The IRGC-Linked Group Targeting Critical Infrastructure CISA…
-
Drupal is rolling out an emergency security update on May 20. You cannot miss it
Tags: updateDrupal Is Pushing an Emergency Security Update Tomorrow. If You Run a Drupal Site, This Is Not One to Miss. Something significant is coming out of the Drupal project tomorrow, and the way the announcement is worded should be enough to get any site administrator’s attention. The Drupal Security Team has confirmed it will release…
-
What to Look for When Choosing an ASPM Platform
Application security posture management (ASPM) has become a foundational capability for software-as-a-service (SaaS) and software companies building increasingly complex, artificial intelligence-assisted applications. As engineering velocity increases and AI-generated code becomes part of everyday development workflows, security teams are under pressure to unify visibility, reduce fragmented tooling, and improve how risk isidentifiedand prioritized across the software…
-
Microsoft Self-Service Password Reset abused in Azure data theft attacks
A threat actor targeting Microsoft 365 and Azure production environments is stealing data in attacks that abuse legitimate applications and administration features. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/microsoft-self-service-password-reset-abused-in-azure-data-theft-attacks/ also interesting: The 2024 cyberwar playbook: Tricks used by nation-state actors Getting the Most Value Out of the OSCP: The PEN-200 Course APT37 Targets Windows…
-
Mac Users Face New Malware Threat Spoofing Apple, Google, and Microsoft
A new SHub Reaper macOS infostealer spoofs prompts from Apple, Google, and Microsoft to steal passwords, crypto data, and business files from Macs. The post Mac Users Face New Malware Threat Spoofing Apple, Google, and Microsoft appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-reaper-shub-malware-mac-users/ also interesting: Mac Users Face New Malware…
-
Mac Users Face New Malware Threat Spoofing Apple, Google, and Microsoft
A new SHub Reaper macOS infostealer spoofs prompts from Apple, Google, and Microsoft to steal passwords, crypto data, and business files from Macs. The post Mac Users Face New Malware Threat Spoofing Apple, Google, and Microsoft appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-reaper-shub-malware-mac-users/ also interesting: Mac Users Face New Malware…
-
Microsoft Launches New Surface AI PCs for Business Buyers
Microsoft launched new Surface for Business PCs with Intel Core Ultra Series 3 chips, AI features, 5G options, and enterprise security tools. The post Microsoft Launches New Surface AI PCs for Business Buyers appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-microsoft-surface-for-business-ai-pc-refresh/ also interesting: Top cybersecurity M&A deals for 2025 Top cybersecurity…
-
Huawei zero-day attack behind last year’s crash of Luxembourg’s entire telecoms network
There is no evidence that the incident has recurred, but the flaw remains unexplained and has not been publicly acknowledged by the company. First seen on therecord.media Jump to article: therecord.media/huawei-zero-day-behind-last-year-luxembourg-telecom-outage also interesting: Zero-Day Alert: Critical Palo Alto Networks PAN-OS Flaw Under Active Attack Top 7 zero-day exploitation trends of 2024 The 2024 cyberwar playbook:…
-
Criminal IP Returns to Infosecurity Europe 2026 with Advanced AI-Driven TI ASM
Torrance, United States / California, May 19th, 2026, CyberNewswire Criminal IP has announced its return to Infosecurity Europe 2026 with a focus on delivering more actionable, decision-ready intelligence through its continuously evolving platform. Taking place from June 2 to June 4 at ExCeL London, one of Europe’s most influential cybersecurity events will once again bring…
-
Grafana Rejects Ransom Demand After GitHub Breach Exposes Codebase Theft
Grafana refused an extortion demand after attackers used a stolen GitHub token to download code, with no customer data exposed so far. The post Grafana Rejects Ransom Demand After GitHub Breach Exposes Codebase Theft appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-grafana-github-token-codebase-breach/ also interesting: Act fast to blunt a new ransomware…
-
AdvancedHEALTH Ransomware Claim Includes 2.3M Patient Data Lines
DragonForce claims it stole 390GB from AdvancedHEALTH, including patient data and minors’ records, as breach notices and legal scrutiny begin. The post AdvancedHEALTH Ransomware Claim Includes 2.3M Patient Data Lines appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-advancedhealth-ransomware-patient-data-claim/ also interesting: Finastra investigates breach potentially affecting top global banks Nebraska sues Change…
-
Microsoft Confirms Windows Update Bug Blocking Security Fixes
Microsoft confirmed that KB5089549 can fail with error 0x800f0922 on Windows 11 devices with low EFI partition space, and shared workarounds are available. The post Microsoft Confirms Windows Update Bug Blocking Security Fixes appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-windows-update-rollout-bug/ also interesting: Microsoft resumes rollout of Windows 11 KB5039302 update…
-
Patched OpenClaw Flaw Let Hackers Hijack AI Agents
Chainable Bugs Enable Credential Theft, Persistence, Takeover. Four chainable flaws in OpenClaw allowed attackers to move from an initial foothold to persistent system-level compromise by abusing the AI agent’s own privileges. The bugs enabled credential theft, privilege escalation and backdoor deployment, affecting all versions released before April 23. First seen on govinfosecurity.com Jump to article:…
-
Microsoft dismantled malware-signing network Fox Tempest
Microsoft disrupted Fox Tempest, a malware-signing-as-a-service (MSaaS) that allowed attackers to sign malware with fake trusted certificates. Microsoft said it disrupted a cybercrime operation run by a threat actor named Fox Tempest, which helped threat actors sign malware with short-lived certificates to make malicious software appear legitimate. The service abused Microsoft Artifact Signing and supported…
-
In stunning display of stupid, secret CISA credentials found in public GitHub repo
SSH keys, plaintext passwords, other sensitive data had been up since November 2025. First seen on arstechnica.com Jump to article: arstechnica.com/information-technology/2026/05/in-stunning-display-of-stupid-secret-cisa-credentials-found-in-public-github-repo/ also interesting: Why honeypots deserve a spot in your cybersecurity arsenal Cybersecurity Snapshot: CISA Analyzes Malware Used in SharePoint Attacks, as U.K. Boosts Cyber Assessment Framework Cybersecurity Snapshot: CISA Analyzes Malware Used in SharePoint…
-
Passwortmanager: Bitwarden wechselt Führungskräfte und passt Preise an
Tags: unclassifiedNeben unangekündigten Personalwechseln und Preiserhöhungen streicht Bitwarden die Unternehmenswerte Transparenz und Inklusion. First seen on golem.de Jump to article: www.golem.de/news/passwortmanager-bitwarden-wechselt-fuehrungskraefte-und-passt-preise-an-2605-208780.html also interesting: Sinking Section 702 Wiretap Program Offered One Last Lifeboat ARD/ZDF-Onlinestudie: Knapp ein Viertel der Deutschen surft per Handy… Von Kriminellen genutzter Messenger: Weitere Verhaftungen wegen Anom-Daten Neue Masche beim Wohnungsbetrug
-
Trapdoor Android Ad Fraud Scheme Hit 659 Million Daily Bid Requests Using 455 Apps
Tags: android, control, cybersecurity, fraud, infrastructure, intelligence, malicious, malware, threatCybersecurity researchers have disclosed details of a new ad fraud and malvertising operation dubbed Trapdoor targeting Android device users.The activity, per HUMAN’s Satori Threat Intelligence and Research Team, encompassed 455 malicious Android apps and 183 threat actor-owned command-and-control (C2) domains, turning the infrastructure into a pipeline for multi-stage fraud.”Users First seen on thehackernews.com Jump to…
-
Why Commercial Cyber Threat Intelligence is Failing Defence Operations
Cyber is no longer a supporting capability. It now shapes how defence organisations plan, assess and act. Across NATO and allied forces, cyber intelligence is increasingly embedded into operational planning, from situational awareness through to targeting and strategic decision-making. At the same time, the threat landscape is becoming more complex. State-aligned actors are more active,…
-
The Invisible Workforce: Why Your Household Apps Now Have Their Own Digital IDs
Most people understand what it means to protect a human identity because the dangers of someone impersonating you online or stealing and cloning your card are immediately obvious. Today, organisations rely on thousands of non-human identities that belong to software applications, cloud workloads, APIs, bots, and now AI agents as well, which can affect almost…
-
Cyber Agony Aunts: New book Offers Practical Look at Resilience
Last week, Rebecca Taylor, Threat Intelligence Knowledge Manager and Researcher at Sophos, and Amelia Hewitt, Director of Cyber Consulting at Principle Defence and Founder of CybAid, released their second co-authored book Resilient You: An Agony Aunts’ Guide To Keeping It Together. The book is a follow up to their 2025 book Securely Yours. The book…
-
Only a Handful of CVEs Mattered for Supply Chain in 2025
Is the Vulnerability Exposed and Easily Exploitable?. Not all supply chain vulnerabilities are alike. Between the exploding volume of new CVEs and the number of actual mass attacks, there lies a sweet spot of just dozens of vulnerabilities to quickly patch to head off risk. No company is able to address every new vulnerability. First…
-
UK regulator to require tech firms to tackle deepfakes, non-consensual intimate images
Tags: deep-fakeThe regulator’s announcement said the change is being made due to the “urgent need to better protect women and girls online.” First seen on therecord.media Jump to article: therecord.media/uk-regulator-to-require-tech-firms-to-tackle-deepfakes-nudification-ai also interesting: Overconfident execs are making their companies vulnerable to fraud Massive trove of underage deepfakes leaked by misconfigured GenNomis database AI Fraud Funnels How Social…
-
Microsoft blames macOS update for undismissible Teams location prompts
Microsoft has confirmed user reports that the Teams team collaboration app is displaying non-dismissible location prompts on some macOS systems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-blames-undismissible-teams-location-prompts-on-macos-update/ also interesting: New XCSSET Malware Variant Targets macOS App Developers 9 top bug bounty programs launched in 2025 Microsoft issues emergency update for macOS and Linux ASP.NET…
-
Microsoft plans to improve Windows 11 driver quality in 2026
Microsoft plans to raise the quality bar of Windows 11 drivers, as drivers “sit at the heart of every Windows experience” and connect the OS to the “silicon, components, and peripherals.” First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-plans-to-improve-windows-11-driver-quality-in-2026/ also interesting: Microsoft Delays Windows Copilot+ Recall Release Over Privacy Concerns Microsoft pushes emergency fix for…
-
Pwn2Own Berlin 2026 Closes With $1.3 Million in Zero-Day Payouts
Cybersecurity researchers successfully demonstrated 47 unique zero-day exploits at Pwn2Own Berlin 2026, targeting major enterprise software and AI platforms. First seen on hackread.com Jump to article: hackread.com/pwn2own-berlin-2026-closes-zero-day-payouts/ also interesting: The 2024 cyberwar playbook: Tricks used by nation-state actors Cybersecurity Snapshot: CISA Analyzes Malware Used in SharePoint Attacks, as U.K. Boosts Cyber Assessment Framework Modern supply-chain…
-
Pwn2Own Berlin 2026 Closes With $1.3 Million in Zero-Day Payouts
Cybersecurity researchers successfully demonstrated 47 unique zero-day exploits at Pwn2Own Berlin 2026, targeting major enterprise software and AI platforms. First seen on hackread.com Jump to article: hackread.com/pwn2own-berlin-2026-closes-zero-day-payouts/ also interesting: Cybersecurity Snapshot: CISA Analyzes Malware Used in SharePoint Attacks, as U.K. Boosts Cyber Assessment Framework Modern supply-chain attacks and their real-world impact Modern supply-chain attacks and…