Tag: exploit
-
Verizon DBIR: AI Helped Hackers Exploit Vulnerabilities in 31% of Recent Breaches
Verizon DBIR 2026 reveals software vulnerabilities overtook stolen passwords in cyberattacks, with AI helping hackers exploit flaws within hours. First seen on hackread.com Jump to article: hackread.com/verizon-dbir-ai-hackers-exploit-vulnerabilities-breaches/
-
Exploit released for new PinTheft Arch Linux root escalation flaw
PinTheft, a recently patched Linux privilege escalation vulnerability, now has a publicly available proof-of-concept (PoC) exploit that allows local attackers to gain root privileges on Arch Linux systems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/linux/exploit-released-for-new-pintheft-arch-linux-root-escalation-flaw/
-
Microsoft Releases Mitigation for YellowKey BitLocker Bypass CVE-2026-45585 Exploit
Microsoft on Tuesday released a mitigation for a BitLocker bypass vulnerability named YellowKey following its public disclosure last week.The zero-day flaw, now tracked as CVE-2026-45585, carries a CVSS score of 6.8. It has been described as a BitLocker security feature bypass.”Microsoft is aware of a security feature bypass vulnerability in Windows publicly referred to as…
-
Verizon DBIR: Vulnerability Exploits Overtake Credentials as Top Access Vector
Verizon DBIR finds 31% of data breaches began with software flaws last year First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/verizon-dbir-exploits-top-access/
-
PoC Exploit Released for DirtyDecrypt Linux Kernel Vulnerability
PoC exploit code for the DirtyDecrypt (DirtyCBC) Linux kernel vulnerability has been released publicly, turning a previously theoretical local privilege escalation into a practical, copy”‘paste exploit path to root on specific Linux distributions. DirtyDecrypt (also called DirtyCBC) is a local privilege escalation (LPE) in the Linux kernel’s RxGK security layer for the RxRPC transport used by…
-
Hackers Exploit MSHTA to Deploy LummaStealer and Amatera Malware
Hackers are increasingly abusing the legacy Microsoft HTML Application Host (MSHTA) utility to deliver commodity malware such as LummaStealer and Amatera. Despite being tied to Internet Explorer, which was retired in 2022, MSHTA remains default in Windows, making it an attractive Living-off-the-Land binary (LOLBIN) for stealthy attacks. MSHTA allows execution of VBScript and JavaScript from…
-
Hackers Exploit MSHTA to Deploy LummaStealer and Amatera Malware
Hackers are increasingly abusing the legacy Microsoft HTML Application Host (MSHTA) utility to deliver commodity malware such as LummaStealer and Amatera. Despite being tied to Internet Explorer, which was retired in 2022, MSHTA remains default in Windows, making it an attractive Living-off-the-Land binary (LOLBIN) for stealthy attacks. MSHTA allows execution of VBScript and JavaScript from…
-
Vulnerability exploitation now primary origin of data breaches
Verizon’s annual cyber report reveals a major change in how data breaches originate, highlighting the impact of artificial intelligence. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366643315/Vulnerability-exploitation-now-primary-origin-of-data-breaches
-
Verizon DBIR: Enterprises Face a Dangerous Vulnerability Glut
Verizon’s 2026 Data Breach Investigations Report (DBIR) finds that exploits are now involved in 31% of initial access for breaches, while patching lags too far behind the bad guys. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/verizon-dbir-enterprises-vulnerability-glut
-
Attackers hit vulnerabilities hard last year, making exploits the top entry point for breaches
Verizon’s annual Data Breach Investigations Report uncovered a surge of exploited vulnerabilities, and a growing lack of critical defect remediation industrywide. First seen on cyberscoop.com Jump to article: cyberscoop.com/verizon-data-breach-investigations-report-2026/
-
Pwn2Own Berlin 2026 Closes With $1.3 Million in Zero-Day Payouts
Cybersecurity researchers successfully demonstrated 47 unique zero-day exploits at Pwn2Own Berlin 2026, targeting major enterprise software and AI platforms. First seen on hackread.com Jump to article: hackread.com/pwn2own-berlin-2026-closes-zero-day-payouts/
-
Pwn2Own Berlin 2026 Closes With $1.3 Million in Zero-Day Payouts
Cybersecurity researchers successfully demonstrated 47 unique zero-day exploits at Pwn2Own Berlin 2026, targeting major enterprise software and AI platforms. First seen on hackread.com Jump to article: hackread.com/pwn2own-berlin-2026-closes-zero-day-payouts/
-
Patch bypass allows hackers to exploit prior flaw in SonicWall SSL-VPN
Researchers said a wave of attacks began in February targeting firewalls that appeared to be protected.; First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/patch-bypass-hackers-exploit-flaw-sonicwall/820600/
-
DirtyDecrypt PoC Released for Linux Kernel CVE-2026-31635 LPE Vulnerability
Proof-of-concept (PoC) exploit code has now been released for a recently patched security flaw in the Linux kernel that could allow for local privilege escalation (LPE).Dubbed DirtyDecrypt (aka DirtyCBC), the vulnerability was discovered and reported by the Zellic and V12 security team on May 9, 2026, only to be informed by the maintainers that it…
-
Malware-Kampagnen in Windows über das Legacy-Internet-Tool MSHTA von Microsoft
Cyberkriminelle nutzen legitime und mit Vorliebe veraltete Betriebssystemtools, um sie für ihre Zwecke zu missbrauchen und Angriffe zu tarnen. Je vertrauenswürdiger ein Dienstprogramm, umso besser. So beobachten die Bitdefender Labs den kontinuierlichen Exploit des Microsoft-HTML-Application-Host (MSHTA) und verzeichneten in den letzten Monaten eine höhere Frequenz von Angriffsketten, in denen die ausführbare Datei mshta.exe eine Rolle…
-
Verizon Breach Report: Vulnerability Exploitation Surges
Tags: access, breach, data, data-breach, exploit, hacker, Hardware, ransomware, software, update, vulnerabilityPatch Rollout Slows and Ransomware Incident Volume Rises, Finds Latest Verizon DBIR. The frequency of hackers exploiting vulnerabilities in hardware and software to gain initial access to a victim’s environment continues to surge, and half of all successful breaches also now involve some type of ransomware action, according Verizon’s 2026 Data Breach Investigations Report. First…
-
Drupal to Release Urgent Core Security Updates on May 20, Sites Told to Prepare
Drupal has issued an alert stating that it intends to release a “core security release” for all supported branches on May 20, 2026, from 5-9 p.m. UTC.”The Drupal Security Team urges you to reserve time for core updates at that time because exploits might be developed within hours or days,” the maintainers of the PHP-based…
-
Hackers Actively Exploit ‘Nginx Rift’ Vulnerability Affecting NGINX, F5 Products
Hackers are actively exploiting the Nginx Rift vulnerability affecting NGINX and F5 products, exposing servers to denial-of-service attacks. First seen on hackread.com Jump to article: hackread.com/hackers-exploit-nginx-rift-vulnerability-nginx-f5-products/
-
SEPPMail Secure E-Mail Gateway Vulnerabilities Enable RCE and Mail Traffic Access
Critical security vulnerabilities have been disclosed in SEPPMail Secure E-Mail Gateway, an enterprise-grade email security solution, that could be exploited to achieve remote code execution and enable an attacker to read arbitrary mails from the virtual appliance.”These vulnerabilities could have been exploited to read all mail traffic or as an entry vector into the internal…
-
20-Year-Old PostgreSQL Flaw Gets Public PoC Exploit for Remote Code Execution
A newly released proof-of-concept (PoC) exploit for CVE-2026-2005 has brought renewed attention to a critical vulnerability in PostgreSQL’s pgcrypto extension, exposing systems to remote code execution (RCE). Security researchers warn that the flaw, rooted in legacy code paths dating back nearly two decades, could allow attackers to escalate privileges and execute arbitrary commands on affected…
-
Four-Faith Industrial Routers Targeted in Botnet Hijacking Campaign
Tags: authentication, botnet, cve, cyber, data-breach, exploit, flaw, malicious, router, vulnerabilityFour-Faith industrial cellular routers are being actively targeted in a growing botnet campaign exploiting a critical authentication bypass flaw tracked as CVE-2024-9643. Security researchers warn that attackers are rapidly weaponizing the vulnerability to hijack exposed devices and repurpose them as part of large-scale malicious infrastructure. Four-Faith Industrial Routers Targeted CVE-2024-9643 affects Four-Faith F3x36 industrial routers…
-
Critical NGINX Vulnerability CVE-2026-42945 Now Under Active Attack
Cybersecurity researchers are warning that attackers have already started exploiting a newly disclosed NGINX vulnerability, tracked as CVE-2026-42945, just days after technical details and proof-of-concept code became public. The flaw, also referred to as NGINX Rift, affects millions of potentially exposed servers and has raised concerns across the security community due to its potential impact on core internet…
-
Hackers Exploit Entra ID Accounts to Steal Microsoft 365, Azure Data
Hackers Abuse Microsoft Entra ID Accounts to Exfiltrate Microsoft 365 and Azure Data. A highly sophisticated cyberattack campaign carried out by a threat actor tracked as Storm-2949, targeting Microsoft Entra ID accounts to steal sensitive data from Microsoft 365 and Azure environments. Instead of deploying malicious payloads, Storm-2949 abused legitimate cloud management features to gain…
-
Sicherheitslücke wird ausgenutzt: Hacker greifen Nginx-Webserver an
Angreifer machen Nginx-Webserver mit einem öffentlich verfügbaren Exploit unerreichbar. Auch eine Schadcodeausführung ist manchmal möglich. First seen on golem.de Jump to article: www.golem.de/news/sicherheitsluecke-wird-ausgenutzt-hacker-greifen-nginx-webserver-an-2605-208796.html
-
Mythos Preview Automates PoC Exploit Creation for Vulnerability Research
A new AI model from Anthropic is changing how security teams find and prove software vulnerabilities. It is raising hard questions about what happens when the same technology falls into the wrong hands. Cloudflare has published findings from its participation in Project Glasswing, Anthropic’s controlled research program, revealing that Mythos Preview, a security-focused large language model, can…
-
‘Dirty Frag” – Exploit ermöglicht Root-Zugriff auf gängigen Linux-Distributionen
First seen on security-insider.de Jump to article: www.security-insider.de/dirty-frag-linux-kernel-root-privilegienerweiterung-a-1b9036c48d50dcb440bccd0da0c70687/
-
âš¡ Weekly Recap: Exchange 0-Day, npm Worm, Fake AI Repo, Cisco Exploit and More
Monday opens with a trust problem. A mail server flaw is under active use. A network control system was targeted. Trusted packages were poisoned. A fake model page pushed a stealer. Then came the familiar ransom claim: the data was returned and deleted.The pattern is clear. One weak dependency can leak keys. One leaked key…
-
Cyber attackers bypass traditional defences as ‘user-driven’ attacks surge, Bridewell warns
Cyber attackers are increasingly sidestepping traditional security tools by exploiting users themselves, according to Bridewell’s newly released Cyber Threat Intelligence Report 2026. The report highlights a significant shift in attacker behaviour, with threat actors moving away from malware-heavy campaigns towards identity-driven and socially engineered attacks that operate within trusted systems, often leaving little trace for…
-
New image-based prompt injection attack targets multimodal AI models
Researchers claim strong black-box transferability: The researchers evaluated the technique against multiple open-source LVLMs, including MiniGPT4, BLIP-2, InstructBLIP, BLIVA, and Qwen2.5-VL, the paper added.According to the paper, the attack achieved an average success rate of 66.36% across tested models, outperforming prior baseline attacks by roughly 41 percentage points.The researchers also said the technique demonstrated “strong…
-
Attackers are exploiting critical NGINX vulnerability (CVE-2026-42945)
A critical NGINX vulnerability (CVE-2026-42945) disclosed last week is being exploited by attackers, VulnCheck security researcher Patrick Garrity revealed on Saturday. The … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/18/ngnix-vulnerability-exploited-cve-2026-42945/