Tag: exploit
-
Second iOS exploit kit emerges from suspected Russian hackers using possible U.S. government-developed tools
The kit, named DarkSword, has a variety of possible implications, the research from iVerify, Lookout and Google suggests. First seen on cyberscoop.com Jump to article: cyberscoop.com/second-ios-exploit-kit-emerges-from-suspected-russian-hackers-using-possible-u-s-government-developed-tools/
-
The Refund Fraud Economy: Exploiting Major Retailers and Payment Platforms
Refund fraud is now a business, with methods and tutorials sold to exploit return policies for profit. Flare shows how fraudsters turn refunds and chargebacks into a repeatable profit model. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/the-refund-fraud-economy-exploiting-major-retailers-and-payment-platforms/
-
New “Darksword” iOS exploit used in infostealer attack on iPhones
A new exploit kit for iOS devices and delivery framework dubbed “Darksword” has been used to steal a wide range of personal information, including data from cryptocurrency wallet app. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-darksword-ios-exploit-used-in-infostealer-attack-on-iphones/
-
AI-Enabled Adversaries Compress Time-to-Exploit Following Vulnerability Disclosure
Rapid7 says median time from publication to CISA KEV inclusion dropped to five days. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/exploitation-accelerates-in-2025/
-
Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE
Cybersecurity researchers have disclosed a critical security flaw impacting the GNU InetUtils telnet daemon (telnetd) that could be exploited by an unauthenticated remote attacker to execute arbitrary code with elevated privileges. The vulnerability, tracked as CVE-2026-32746, carries a CVSS score of 9.8 out of 10.0. It has been described as a case of out-of-bounds write in…
-
Adaptability, Not Novelty: The Next Evolution of Malware
AI-enabled malware like VoidLink adapts to cloud misconfigurations in real time, showing how attackers exploit identity sprawl and configuration drift. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/adaptability-not-novelty-the-next-evolution-of-malware/
-
CVE-2026-3888: Ubuntu Desktop 24.04+ vulnerable to Root exploit
Ubuntu flaw CVE-2026-3888 lets attackers gain root via a systemd timing exploit, affecting Desktop 24.04+ with high severity. Qualys researchers found a high-severity flaw, tracked as CVE-2026-3888 (CVSS score of 7.8), in Ubuntu Desktop 24.04+, which allows attackers to exploit a systemd cleanup timing issue to escalate privileges to root and potentially take full control…
-
Critical Telnetd Vulnerability Enables Remote Code Execution Attacks
A critical buffer overflow vulnerability has been discovered in the GNU InetUtils telnetd daemon. Tracked as CVE-2026-32746, the flaw carries a maximum CVSS 3.1 score of 9.8 and allows unauthenticated attackers to execute arbitrary code with root privileges. There is no confirmed active exploitation, and the severity of the flaw demands immediate attention from network…
-
Vidar Stealer 2.0 Exploits GitHub, Reddit to Deliver Malware via Fake Game Cheats
The Vidar 2.0 infostealer is deployed through fake free game cheats on GitHub and Reddit. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/vidar-stealer-exploits-github/
-
Can you prove the person on the other side is real?
Tags: access, ai, business, control, credentials, exploit, governance, identity, least-privilege, risk, threat, tool, update
Exploiting the deceased and the dormant: Attackers follow leverage. Dormant, legacy and deceased identities create leverage because they already come with history, which serves as scaffolding for a synthetic persona to climb. I have seen how quickly a subdued record can become an entry point. An adversary pairs an older account or identity footprint with newly…
-
Ubuntu CVE-2026-3888 Bug Lets Attackers Gain Root via systemd Cleanup Timing Exploit
A high-severity security flaw affecting default installations of Ubuntu Desktop versions 24.04 and later could be exploited to escalate privileges to the root level. Tracked as CVE-2026-3888 (CVSS score: 7.8), the issue could allow an attacker to seize control of a susceptible system. “This flaw (CVE-2026-3888) allows an unprivileged local attacker to escalate privileges to full root…
-
Apple Fixes WebKit Vulnerability Enabling Same-Origin Policy Bypass on iOS and macOS
Apple on Tuesday released its first round of Background Security Improvements to address a security flaw in WebKit that affects iOS, iPadOS, and macOS. The vulnerability, tracked as CVE-2026-20643 (CVSS score: N/A), has been described as a cross-origin issue in WebKit’s Navigation API that could be exploited to bypass the same-origin policy when processing maliciously crafted…
-
Researchers Disclose ‘RegPwn,’ a Windows Registry Weakness Allowing SYSTEM Access
Researchers at MDSec have disclosed a newly patched Elevation of Privilege vulnerability in Microsoft Windows, known as “RegPwn”. Tracked as CVE-2026-24291, this flaw allows a low-privileged user to gain full SYSTEM access by exploiting how Windows handles registry configurations for its built-in Accessibility features. Windows Accessibility features, such as the On-Screen Keyboard and Narrator, run…
-
Fake Telegram Download Site Delivers Stealthy In-Memory Malware Loader
A newly discovered malware campaign is exploiting user trust in Telegram by distributing a trojanized installer through a typosquatted website, telegrgam[.]com. The site closely mimics the official Telegram download portal and delivers a malicious executable named tsetup-x64.6.exe, making it appear legitimate to unsuspecting users. Once downloaded and executed, the installer initiates a multi-stage attack chain while…
-
Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE via Port 23
Cybersecurity researchers have disclosed a critical security flaw impacting the GNU InetUtils telnet daemon (telnetd) that could be exploited by an unauthenticated remote attacker to execute arbitrary code with elevated privileges. The vulnerability, tracked as CVE-2026-32746, carries a CVSS score of 9.8 out of 10.0. It has been described as a case of out-of-bounds write in…
-
[un]prompted: Key Insights from the AI Security Practitioners Conference – FireTail Blog
Tags: ai, api, application-security, attack, automation, conference, cybersecurity, data, defense, detection, exploit, google, infrastructure, injection, LLM, malicious, malware, monitoring, openai, risk, strategy, theft, threat, tool, training, update, vulnerability, zero-day
Mar 17, 2026 – Jeremy Snyder – The State of AI Security: Moving Beyond Theory – The biggest shift evident at the [un]prompted AI Security Practitioners Conference was the move from purely theoretical discussions about “what could go wrong” to concrete, battle-tested methodologies for “what is going wrong and how we fix it.” It’s clear that AI…
-
Huntress Launches Two New Security Posture Tools as Cyber Threats Surge
Cybersecurity firm Huntress has rolled out a pair of new products aimed at helping businesses shore up security weaknesses before attackers can exploit them, a shift from the reactive, detect-and-respond model that has long defined the industry. The company announced Managed Endpoint Security Posture Management (ESPM) and Managed Identity Security Posture Management (ISPM), expanding its…
-
AI Flaws in Amazon Bedrock, LangSmith, and SGLang Enable Data Exfiltration and RCE
Cybersecurity researchers have disclosed details of a new method for exfiltrating sensitive data from artificial intelligence (AI) code execution environments using domain name system (DNS) queries. In a report published Monday, BeyondTrust revealed that Amazon Bedrock AgentCore Code Interpreter’s sandbox mode permits outbound DNS queries that an attacker can exploit to enable interactive shells First seen…
-
Warlock Ransomware Group Augments Post-Exploitation Activities
In a recent attack, the group showcased stealthier cross-network activity, thanks to its use of a new BYOVD technique and other tools. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/warlock-ransomware-post-exploitation-activities
-
RondoDox botnet expands arsenal targeting 174 flaws, and hits 15,000 daily exploit attempts
RondoDox botnet targets 174 flaws, reaching 15,000 daily exploit attempts in a more focused and strategic campaign. RondoDox botnet is ramping up attacks, targeting 174 vulnerabilities with up to 15,000 daily exploitation attempts in a more focused and strategic campaign, Bitsight reported. “We gathered all these exploit attempts (identifiable by indicators like the User-Agent and…

