Tag: exploit
-
Pwn2Own Berlin 2026 Hits Capacity as Rejected Hackers Release 0-Days
Pwn2Own Berlin 2026 reportedly reached full capacity for the first time, prompting rejected researchers to publicly disclose zero-day exploits targeting Firefox, NVIDIA, and AI platforms. First seen on hackread.com Jump to article: hackread.com/pwn2own-berlin-2026-hits-capacity-hackers-0-days/
-
Stealthy hackers exploit cPanel flaw in active backdoor campaign (CVE-2026-41940)
Security researchers at XLab have outlined an active attack campaign targeting CVE-2026-41940, the recently disclosed vulnerability in cPanel WHM, and have linked it to … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/12/cpanel-vulnerability-exploited-backdoor-cve-2026-41940/
-
Google Says Hackers Used AI to Build Zero-Day Exploit
Google says hackers used AI to help build a zero-day exploit targeting 2FA, raising concerns about AI-assisted hacking. The post Google Says Hackers Used AI to Build Zero-Day Exploit appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-google-hackers-ai-zero-day-exploit/
-
Developer workstations are the new beachhead
Tags: access, application-security, attack, authentication, cloud, container, control, credentials, edr, endpoint, exploit, github, group, Hardware, identity, incident response, infrastructure, malware, mfa, monitoring, network, software, supply-chain, threat, update
The economics that drive the convergence: A typical developer workstation holds SSH keys, cloud provider credentials, container registry tokens, Git authentication tokens and CI/CD pipeline secrets. Many developers have administrative access to internal package registries and deployment infrastructure. Their machines often sit outside the hardened perimeter that security teams build around production systems. From an attacker’s…
-
Why patching SLAs should be the floor, not the strategy
SLAs measure discipline, not risk: Here’s the mental model I’ve been pushing with my peers. Think of patching SLAs the way you think of fire drills. Fire drills are necessary. They prove that, on a predictable cadence, your organization can execute a known procedure. No one in charge of a building full of people would…
-
Supply-Chain Attack: Hundreds of NPM and PyPI Packages Compromised
The hacker group TeamPCP is once again digging its way through countless NPM and Python packages and spreading malicious code that primarily collects credentials. First seen on golem.de Jump to article: www.golem.de/news/supply-chain-angriff-hunderte-von-npm-und-pypi-paketen-kompromittiert-2605-208562.html
-
Claude Chrome Extension Flaw Lets Malicious Add-Ons Steal Gmail and Drive Data
A critical vulnerability dubbed "ClaudeBleed" has compromised Anthropic's trusted AI assistant, potentially turning it into a backdoor. This severe design flaw in the Claude Chrome extension allows malicious add-ons to hijack the AI secretly. Even extensions with zero declared permissions can exploit this vulnerability to steal sensitive data from Gmail, Google Drive, and GitHub. In…
-
OpenAI Daybreak Automates Vulnerability Detection and Patching
Tags: ai, control, cyber, cyberattack, detection, exploit, intelligence, openai, software, update, vulnerability, zero-day
The relentless race against zero-day exploits and sophisticated cyberattacks requires a revolutionary approach to software security. Defenders are constantly overwhelmed by massive backlogs of alerts and the sheer volume of code requiring manual review. Enter OpenAI Daybreak, a frontier artificial intelligence system built specifically for cyber defenders. By shifting the focus from reactive damage control…
-
BitUnlocker Downgrade Attack Bypasses Windows 11 Disk Encryption in Minutes
A proof-of-concept (PoC) exploit that demonstrates how attackers can bypass Windows 11 BitLocker disk encryption in under 5 minutes. Dubbed the "BitUnlocker" attack, this physical downgrade technique exploits a known vulnerability, CVE-2025-48804. Initially documented by the Microsoft STORM team in July 2025, the flaw exposes a critical weakness in how Secure Boot interacts with legacy…
-
Magecart Hackers Exploit Google Tag Manager to Inject Credit Card Skimmers
Magecart-style attackers are once again abusing trusted web services, this time weaponizing Google Tag Manager (GTM) to stealthily inject credit card skimmers into ecommerce websites. Because GTM is widely used and loaded from the trusted domain googletagmanager.com, malicious scripts can blend in with legitimate site functionality, making detection significantly harder. Once embedded into a compromised…
-
Google Warns Hackers Are Using AI to Build Working Zero-Day Exploits
Artificial intelligence has officially transitioned from an experimental hacking novelty into an industrial-scale weapon for cybercriminals. According to Google Threat Intelligence Group (GTIG), adversaries are now actively using generative AI models to discover vulnerabilities and engineer functional zero-day exploits. This marks a significant escalation in the cyber threat landscape, shifting AI’s role from a simple research assistant…
-
Linux kernel maintainers suggest a ‘kill switch’ to protect systems until a zero-day vulnerability is patched
Tags: access, attack, business, control, cve, cybersecurity, exploit, flaw, group, incident response, infosec, linux, LLM, mitigation, risk, service, strategy, switch, technology, tool, update, vulnerability, zero-day
…), a logic bug which lets users easily obtain root access, and Dirty Frag, which abuses weaknesses in how the Linux kernel handles fragmented memory pages. The Dirty Frag attack combines two separate vulnerabilities affecting the Linux IPsec Encapsulating Security Payload (ESP) subsystem (CVE-2026-43284) and the RxRPC networking protocol (CVE-2026-43500). The proposal has set off a furious…
-
Google Says Hackers Used AI to Develop a Zero-Day Exploit
Google researchers say hackers used AI to develop zero-day exploits, Android backdoors, and automated supply chain attacks targeting GitHub and PyPI. First seen on hackread.com Jump to article: hackread.com/google-hackers-used-ai-develop-zero-day-exploit/
-
cPanel CVE-2026-41940 Under Active Exploitation to Deploy Filemanager Backdoor
A threat actor named Mr_Rot13 has been attributed to the exploitation of a recently disclosed critical cPanel flaw to deploy a backdoor codenamed Filemanager on compromised environments. The attack exploits CVE-2026-41940, a vulnerability impacting cPanel and WebHost Manager (WHM) that could result in an authentication bypass and allow remote attackers to gain elevated control of the…
-
‘Dirty Frag’ Exploit Poised to Blow Up on Enterprise Linux Distros
The privilege escalation vulnerability, which is similar to other Linux flaws like Copy Fail and Dirty Pipe, may already be under limited exploitation. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/dirty-frag-exploit-blow-up-enterprise-linux-distros
-
Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation
Tags: 2fa, ai, cybercrime, exploit, google, hacker, intelligence, malicious, technology, threat, vulnerability, zero-day
Google on Monday disclosed that it identified an unknown threat actor using a zero-day exploit that it said was likely developed with an artificial intelligence (AI) system, marking the first time the technology has been put to use in the wild in a malicious context for vulnerability discovery and exploit generation. The activity is said to…
-
AI used to develop working zero-day exploit, researchers warn
A report by GTIG shows threat groups are increasingly leveraging AI to scale attacks. The exploitation attempt was disclosed and patched, preventing a mass incident. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/ai-working-zero-day-exploit-GTIG/819848/
-
Google warns artificial intelligence is accelerating cyberattacks and zero-day exploits
Tags: access, ai, attack, cloud, cyber, cyberattack, defense, exploit, google, hacker, intelligence, supply-chain, threat, vulnerability, zero-day
Google says hackers now use AI to create exploits, automate attacks, evade defenses, and target AI supply chains at scale. Artificial intelligence is rapidly changing the cyber threat landscape, and a new report from the Google Cloud Threat Intelligence team highlights how attackers already use AI to improve vulnerability exploitation and gain initial access to…
-
The Threat Window Is Shrinking. The Response Gap Isn’t
Patching Workflows Built for Weekly Cycles Can’t Survive an Era of Hourly Exploits
AI is shrinking the window between vulnerability disclosure and active exploitation from weeks to hours. But remediation workflows haven’t kept pace. Security teams need real-time intelligence, unified IT and security operations, and automated remediation to close the gap before attackers do. First…
-
Microsoft 365 Copilot Flaws Could Let Attackers Access Sensitive Data
Microsoft has disclosed a trio of critical information disclosure vulnerabilities affecting Microsoft 365 Copilot and Copilot Chat in Microsoft Edge. Released on May 7, 2026, these security flaws pose a substantial risk to enterprise data privacy and corporate confidentiality. If successfully exploited, malicious actors could bypass established security boundaries to access sensitive information processed, summarized,…
-
PoC Exploit Released for Android Zero-Click Flaw Enabling Remote Shell Access
Tags: access, android, cve, cyber, exploit, flaw, github, google, remote-code-execution, vulnerability
Public references indicate that a GitHub proof-of-concept is now circulating for CVE-2026-0073, the critical Android flaw documented in Google’s May 2026 security bulletin, raising the urgency for defenders with wireless ADB enabled on test or production devices. Google and multiple security reports describe the issue as a no-interaction remote code execution vulnerability in Android’s adbd…
-
Hackers Use AI for Exploit Development, Attack Automation
Cyber adversaries have long used AI, but now attackers are using large language models to develop exploits and orchestrate complex attacks. First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/hackers-ai-exploit-dev-attack-automation
-
Lyrie.ai Joins First Batch of Anthropic’s Cyber Verification Program
Tags: ai, attack, ceo, cyber, cybersecurity, exploit, framework, github, Hardware, identity, infrastructure, Internet, penetration-testing, RedTeam, risk, threat, tool, vulnerability, zero-day
Identity, who the AI agent is. Scope, what it is authorized to do. Attestation, whether it or its instructions have been tampered with. Delegation, who delegated authority. Revocation, whether that authority has been revoked. “Every AI agent on the internet today is a stranger. You don’t know who it is, what it’s authorized to do, or whether it’s been tampered…
-
Your Purple Team Isn’t Purple, It’s Just Red and Blue in the Same Room
Defending a network at 2 am looks a lot like this: an analyst copy-pasting a hash from a PDF into a SIEM query. A red team script is being rewritten by hand so the blue team can use it. A patch waiting on a change-approval window that’s longer than the exploitation window itself. Nobody in that…
-
New ‘Dirty Frag’ exploit targets Linux kernel for root access
Tags: access, attack, control, cve, exploit, linux, malicious, microsoft, mitigation, monitoring, switch, tool, vulnerability
Attackers are already exploiting Dirty Frag: Microsoft warned that Dirty Frag is already being actively exploited in the wild, primarily as a post-compromise privilege escalation tool. The company said attackers are using the vulnerability after obtaining an initial foothold on vulnerable Linux systems, allowing them to elevate privileges from a low-level user account to full…

