Tag: exploit
-
Researcher Claims Claude Opus Enabled Creation of Working Chrome Exploit
A security researcher has shown that Anthropic’s Claude Opus can help build a working browser exploit chain against Google Chrome’s V8 engine, raising fresh concerns about how quickly AI can speed up offensive security work. The experiment was published by Mohan Pedhapati, also known as s1r1us, CTO of Hacktron, and it arrived just days after…
-
Nexcorium Mirai variant exploits TBK DVR flaw to launch DDoS attacks
A Mirai variant called Nexcorium exploits a flaw in TBK DVRs to infect devices and use them in DDoS attacks, along with outdated TP-Link routers. Fortinet researchers found that threat actors are exploiting vulnerabilities in TBK DVRs and end-of-life TP-Link routers to spread a Mirai variant called Nexcorium. >>IoT devices are increasingly prime targets for…
-
Wie Hacker über GitHub-Kommentare KI-Agenten von Google und Anthropic kapern
Ein Sicherheitsforscher hat eine neue Form der Prompt Injection aufgedeckt, die populäre KI-Tools wie Claude Code, Gemini CLI und GitHub Copilot verwundbar macht. Über präparierte Kommentare und PR-Titel können Hacker Schadcode ausführen und sensible API-Schlüssel extrahieren. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/github-kommentare-ki
-
Nexcorium Mirai Variant Weaponises TBK DVR Vulnerability in Fresh IoT Botnet Push
A newly discovered Mirai malware variant named Nexcorium is actively targeting unpatched Internet of Things (IoT) devices. According to recent threat research from FortiGuard Labs, attackers are exploiting a severe vulnerability in TBK DVR systems to build a massive botnet capable of launching destructive distributed denial-of-service (DDoS) attacks. The campaign primarily focuses on CVE-2024-3721, a…
-
Microsoft Defender under attack as three zero-days, two of them still unpatched, enable elevated access
Attackers exploit three Microsoft Defender zero-days, code-named BlueHammer, RedSun, and UnDefend, to gain elevated access. Attackers are exploiting three recently disclosed zero-day flaws in Microsoft Defender to gain higher privileges on compromised systems. The vulnerabilities, called BlueHammer, RedSun, and UnDefend, were revealed by a researcher known as Chaotic Eclipse after criticizing Microsoft’s handling of the…
-
Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet
Threat actors are exploiting security flaws in TBK DVR and end”‘of”‘life (EoL) TP-Link Wi-Fi routers to deploy Mirai-botnet variants on compromised devices, according to findings from Fortinet FortiGuard Labs and Palo Alto Networks Unit 42.The attack targeting TBK DVR devices has been found to exploit CVE-2024-3721 (CVSS score: 6.3), a medium-severity command injection vulnerability affecting…
-
Critical sandbox bypass fixed in popular Thymeleaf Java template engine
new keyword followed by an ASCII space, T (Spring Expression Language type references) and @ (SpEL bean references in some code paths). However, the check only looked for ASCII space 0x20 characters, but the SpEL’s parser also accepts tab (0x09), newline (0x0A), and other control characters between new and the class name.Another policy blocked classes…
-
Critical sandbox bypass fixed in popular Thymeleaf Java template engine
new keyword followed by an ASCII space, T (Spring Expression Language type references) and @ (SpEL bean references in some code paths). However, the check only looked for ASCII space 0x20 characters, but the SpEL’s parser also accepts tab (0x09), newline (0x0A), and other control characters between new and the class name.Another policy blocked classes…
-
Finance Chiefs Warn New AI Models May Rattle Global Banking
Officials Warned New Models Could Accelerate Cyber Risks Faster Than Rules. Global finance officials meeting in Washington warned that advanced artificial intelligence models could expose structural weaknesses across banking and payment systems, speeding vulnerability discovery and cyber exploitation faster than regulators can build guardrails. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/finance-chiefs-warn-new-ai-models-may-rattle-global-banking-a-31457
-
Critical Exploits, AI Shifts, and Major Breaches Redefine Cybersecurity This Week
Weekly summary of Cybersecurity Insider newsletters First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/weekly-roundup/critical-exploits-ai-shifts-and-major-breaches-redefine-cybersecurity-this-week/
-
Critical Exploits, AI Shifts, and Major Breaches Redefine Cybersecurity This Week
Weekly summary of Cybersecurity Insider newsletters First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/weekly-roundup/critical-exploits-ai-shifts-and-major-breaches-redefine-cybersecurity-this-week/
-
We Need a Shared Responsibility Model for AI
Over the past 6-8 months, researchers at my company discovered vulnerabilities across multiple AI tools that allowed external bad actors to steal data, exploit AI browsers, or poison the core memories of AI systems. As we responsibly disclosed these flaws, we found that AI vendors almost universally told us, “It’s not our problem.” In their..…
-
We Need a Shared Responsibility Model for AI
Over the past 6-8 months, researchers at my company discovered vulnerabilities across multiple AI tools that allowed external bad actors to steal data, exploit AI browsers, or poison the core memories of AI systems. As we responsibly disclosed these flaws, we found that AI vendors almost universally told us, “It’s not our problem.” In their..…
-
Hackers are abusing unpatched Windows security flaws to hack into organizations
A security researcher published details of three security vulnerabilities in Windows Defender, and the code used to exploit them. Now, hackers are taking advantage of the vulnerabilities in real-life attacks, according to a cybersecurity firm. First seen on techcrunch.com Jump to article: techcrunch.com/2026/04/17/hackers-are-abusing-unpatched-windows-security-flaws-to-hack-into-organizations/
-
Maximizing Mythos Returns Requires AI Cybersecurity Pipeline
Optimizing Value and Utility Hinges on AI Scaffolding, Says Aisle’s Ondrej Vlcek. While the world is in awe of how Mythos can find vulnerabilities and chain together exploits, the next step is to identify how to build the best cybersecurity pipelines and scaffolding to get maximum value from all AI models used inside an organization,…
-
TP-Link routers face exploitation attempt linked to high-severity flaw
Researchers warn a potential botnet is targeting a vulnerability in end-of-life devices.; First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/tp-link-routers-exploitation-high-severity-flaw/817831/
-
Ukraine confirms suspected APT28 campaign targeting prosecutors, anti-corruption agencies
The intrusions exploited vulnerabilities in the open-source Roundcube webmail platform that allow attackers to execute malicious code when a victim simply opens an email in their inbox. First seen on therecord.media Jump to article: therecord.media/ukraine-confirms-suspected-apt28-campaign-targeting-prosecutors
-
TP-Link Routers Hit by Mirai in CVE-2023-33538 Attacks
Hackers are actively scanning for vulnerable TP-Link home routers to push Mirai-style malware, abusing CVE-2023-33538 in a new wave of automated attacks. While the current exploit attempts are technically flawed, researchers warn that the underlying bug is real and dangerous when combined with default credentials and end”‘of”‘life firmware. It affects TL”‘WR940N v2/v4, TL”‘WR740N v1/v2 and…
-
Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched
Huntress is warning that threat actors are exploiting three recently disclosed security flaws in Microsoft Defender to gain elevated privileges in compromised systems.The activity involves the exploitation of three vulnerabilities that are codenamed BlueHammer (requires GitHub sign-in), RedSun, and UnDefend, all of which were released as zero-days by a researcher known as Chaotic Eclipse (…
-
Commercial AI Models Show Rapid Gains in Vulnerability Research
AI models are making rapid gains in vulnerability research and exploit development, raising new cybersecurity risks, a Forescout study finds First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ai-models-rapid-gains/
-
The Vulnerability Management Race Is Over. It’s Time to Focus on Exposure.
With Anthropic’s Mythos Preview announcement, the race to patch all vulnerabilities is over. As defenders, we must move on. We must focus on what adversaries can do after they exploit a vulnerability: which attack paths those exploits enable, where those paths lead, and how to eliminate them before they reach what matters. That is a……
-
Exposed LLM Infrastructure: How Attackers Find and Exploit Misconfigured AI Deployments
Exposed LLM servers are being actively scanned and exploited. Learn how attackers find misconfigured AI infrastructure and how to secure it fast. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/exposed-llm-infrastructure-how-attackers-find-and-exploit-misconfigured-ai-deployments/
-
We beat Google’s zero-knowledge proof of quantum cryptanalysis
Tags: ai, application-security, attack, best-practice, computer, computing, control, cryptography, data, exploit, google, group, Hardware, metric, programming, risk, rust, technology, tool, update, vulnerabilityTwo weeks ago, Google’s Quantum AI group published a zero-knowledge proof of a quantum circuit so optimized, they concluded that first-generation quantum computers will break elliptic curve cryptography keys in as little as 9 minutes. Today, Trail of Bits is publishing our own zero-knowledge proof that significantly improves Google’s on all metrics. Our result is…
-
Für 2.300 US-Dollar: Forscher entlockt Claude gefährlichen Chrome-Exploit
Ein Forscher hat mit Claude Opus in rund 20 Stunden eine funktionierende Exploit-Kette für Chrome entwickelt. Mythos braucht es dafür gar nicht. First seen on golem.de Jump to article: www.golem.de/news/fuer-2-300-us-dollar-forscher-entlockt-claude-gefaehrlichen-chrome-exploit-2604-207706.html
-
Another Microsoft Defender privilege escalation bug emerges days after patch
Second Defender-based LPE in days: The Defender flaw addressed earlier this week as part of Patch Tuesday was one of the two zero-day bugs Microsoft fixed, and it also allowed local privilege escalation stemming from “insufficient granularity of access control.”While Microsoft attributed the discovery of the flaw, tracked as CVE-2026-33825, to security researcher Zen Dodd,…
-
Mythos and Cybersecurity
Tags: access, ai, apple, crowdstrike, cybersecurity, exploit, microsoft, service, software, vulnerabilityLast week, Anthropic pulled back the curtain on Claude Mythos Preview, an AI model so capable at finding and exploiting software vulnerabilities that the company decided it was too dangerous to release to the public. Instead, access has been restricted to roughly 50 organizations”, Microsoft, Apple, Amazon Web Services, CrowdStrike and other vendors of critical…
-
Researcher drops two more Microsoft Defender zero-days, all three now exploited in the wild
The security researcher who earlier this month published a proof-of-concept (PoC) exploit for a zero-day privilege escalation vulnerability in Microsoft Defender is back with … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/17/microsoft-defender-zero-days-exploited/
-
CISA flags Apache ActiveMQ flaw as actively exploited in attacks
CISA warned that attackers are now exploiting a high-severity Apache ActiveMQ vulnerability, which was patched earlier this month after going undetected for 13 years. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-flags-apache-activemq-flaw-as-actively-exploited-in-attacks/
-
PoC Released for FortiSandbox Flaw Enabling Arbitrary Command Execution
A proof-of-concept (PoC) exploit has been publicly released for a critical security flaw in Fortinet’s FortiSandbox. Tracked as CVE-2026-39808, this severe vulnerability allows an unauthenticated attacker to execute arbitrary commands on the underlying operating system with the highest level of privileges. Security researcher Samuel de Lucas recently published the exploit details on GitHub, highlighting the…