Tag: exploit
-
Hackers are abusing unpatched Windows security flaws to hack into organizations
A security researcher published details of three security vulnerabilities in Windows Defender, and the code used to exploit them. Now, hackers are taking advantage of the vulnerabilities in real-life attacks, according to a cybersecurity firm. First seen on techcrunch.com Jump to article: techcrunch.com/2026/04/17/hackers-are-abusing-unpatched-windows-security-flaws-to-hack-into-organizations/
-
Maximizing Mythos Returns Requires AI Cybersecurity Pipeline
Optimizing Value and Utility Hinges on AI Scaffolding, Says Aisle’s Ondrej Vlcek. While the world is in awe of how Mythos can find vulnerabilities and chain together exploits, the next step is to identify how to build the best cybersecurity pipelines and scaffolding to get maximum value from all AI models used inside an organization,…
-
TP-Link routers face exploitation attempt linked to high-severity flaw
Researchers warn a potential botnet is targeting a vulnerability in end-of-life devices.; First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/tp-link-routers-exploitation-high-severity-flaw/817831/
-
Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched
Huntress is warning that threat actors are exploiting three recently disclosed security flaws in Microsoft Defender to gain elevated privileges in compromised systems.The activity involves the exploitation of three vulnerabilities that are codenamed BlueHammer (requires GitHub sign-in), RedSun, and UnDefend, all of which were released as zero-days by a researcher known as Chaotic Eclipse (…
-
Commercial AI Models Show Rapid Gains in Vulnerability Research
AI models are making rapid gains in vulnerability research and exploit development, raising new cybersecurity risks, a Forescout study finds First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ai-models-rapid-gains/
-
Ukraine confirms suspected APT28 campaign targeting prosecutors, anti-corruption agencies
The intrusions exploited vulnerabilities in the open-source Roundcube webmail platform that allow attackers to execute malicious code when a victim simply opens an email in their inbox. First seen on therecord.media Jump to article: therecord.media/ukraine-confirms-suspected-apt28-campaign-targeting-prosecutors
-
TP-Link Routers Hit by Mirai in CVE-2023-33538 Attacks
Hackers are actively scanning for vulnerable TP-Link home routers to push Mirai-style malware, abusing CVE-2023-33538 in a new wave of automated attacks. While the current exploit attempts are technically flawed, researchers warn that the underlying bug is real and dangerous when combined with default credentials and end”‘of”‘life firmware. It affects TL”‘WR940N v2/v4, TL”‘WR740N v1/v2 and…
-
The Vulnerability Management Race Is Over. It’s Time to Focus on Exposure.
With Anthropic’s Mythos Preview announcement, the race to patch all vulnerabilities is over. As defenders, we must move on. We must focus on what adversaries can do after they exploit a vulnerability: which attack paths those exploits enable, where those paths lead, and how to eliminate them before they reach what matters. That is a……
-
Exposed LLM Infrastructure: How Attackers Find and Exploit Misconfigured AI Deployments
Exposed LLM servers are being actively scanned and exploited. Learn how attackers find misconfigured AI infrastructure and how to secure it fast. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/exposed-llm-infrastructure-how-attackers-find-and-exploit-misconfigured-ai-deployments/
-
We beat Google’s zero-knowledge proof of quantum cryptanalysis
Tags: ai, application-security, attack, best-practice, computer, computing, control, cryptography, data, exploit, google, group, Hardware, metric, programming, risk, rust, technology, tool, update, vulnerabilityTwo weeks ago, Google’s Quantum AI group published a zero-knowledge proof of a quantum circuit so optimized, they concluded that first-generation quantum computers will break elliptic curve cryptography keys in as little as 9 minutes. Today, Trail of Bits is publishing our own zero-knowledge proof that significantly improves Google’s on all metrics. Our result is…
-
Für 2.300 US-Dollar: Forscher entlockt Claude gefährlichen Chrome-Exploit
Ein Forscher hat mit Claude Opus in rund 20 Stunden eine funktionierende Exploit-Kette für Chrome entwickelt. Mythos braucht es dafür gar nicht. First seen on golem.de Jump to article: www.golem.de/news/fuer-2-300-us-dollar-forscher-entlockt-claude-gefaehrlichen-chrome-exploit-2604-207706.html
-
Mythos and Cybersecurity
Tags: access, ai, apple, crowdstrike, cybersecurity, exploit, microsoft, service, software, vulnerabilityLast week, Anthropic pulled back the curtain on Claude Mythos Preview, an AI model so capable at finding and exploiting software vulnerabilities that the company decided it was too dangerous to release to the public. Instead, access has been restricted to roughly 50 organizations”, Microsoft, Apple, Amazon Web Services, CrowdStrike and other vendors of critical…
-
Another Microsoft Defender privilege escalation bug emerges days after patch
Second Defender-based LPE in days: The Defender flaw addressed earlier this week as part of Patch Tuesday was one of the two zero-day bugs Microsoft fixed, and it also allowed local privilege escalation stemming from “insufficient granularity of access control.”While Microsoft attributed the discovery of the flaw, tracked as CVE-2026-33825, to security researcher Zen Dodd,…
-
Researcher drops two more Microsoft Defender zero-days, all three now exploited in the wild
The security researcher who earlier this month published a proof-of-concept (PoC) exploit for a zero-day privilege escalation vulnerability in Microsoft Defender is back with … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/17/microsoft-defender-zero-days-exploited/
-
CISA flags Apache ActiveMQ flaw as actively exploited in attacks
CISA warned that attackers are now exploiting a high-severity Apache ActiveMQ vulnerability, which was patched earlier this month after going undetected for 13 years. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-flags-apache-activemq-flaw-as-actively-exploited-in-attacks/
-
PoC Released for FortiSandbox Flaw Enabling Arbitrary Command Execution
A proof-of-concept (PoC) exploit has been publicly released for a critical security flaw in Fortinet’s FortiSandbox. Tracked as CVE-2026-39808, this severe vulnerability allows an unauthenticated attacker to execute arbitrary commands on the underlying operating system with the highest level of privileges. Security researcher Samuel de Lucas recently published the exploit details on GitHub, highlighting the…
-
Critical nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover
A critical vulnerability identified as CVE-2026-33032 is drawing urgent attention from the cybersecurity community due to its role in enabling a full-scale Nginx server takeover. The flaw affects nginx-ui, a widely used open-source web interface designed to simplify the management of Nginx servers. Since its disclosure, evidence has confirmed that attackers are already exploiting the issue in real-world scenarios.…
-
Critical Flowise Flaw Enables Remote Command Execution via MCP Adapters
OX Security researchers have uncovered a critical, systemic vulnerability built directly into the architecture of Anthropic’s Model Context Protocol (MCP). As the industry standard for AI agent communication, this foundational flaw exposes systems to Arbitrary Command Execution (RCE). Attackers who exploit this vulnerability can seize complete control of affected MCP implementations, gaining direct access to…
-
U.S. CISA adds a flaw in Apache ActiveMQ to its Known Exploited Vulnerabilities catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Apache ActiveMQ to its Known Exploited Vulnerabilities catalog The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Apache ActiveMQ, tracked as CVE-2026-34197 (CVSS score of 8.8), to its Known Exploited Vulnerabilities (KEV) catalog. CVE-2026-34197 is a critical flaw in Apache ActiveMQ caused by…
-
Weaponized CVE-2026-39987 Pushes Blockchain Backdoor Through Hugging Face
Tags: backdoor, blockchain, credentials, cve, cyber, exploit, infection, rce, remote-code-execution, theftAttackers are rapidly exploiting CVE-2026-39987 in the marimo Python notebook platform to deploy a new NKAbuse backdoor variant hosted on Hugging Face Spaces, turning AI/ML developer environments into high”‘value infection points. The campaign combines pre-auth RCE, credential theft, lateral movement to PostgreSQL and Redis, and a blockchain-based C2 channel that is difficult to monitor or…
-
U.S. CISA adds a flaw in Apache ActiveMQ to its Known Exploited Vulnerabilities catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Apache ActiveMQ to its Known Exploited Vulnerabilities catalog The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Apache ActiveMQ, tracked as CVE-2026-34197 (CVSS score of 8.8), to its Known Exploited Vulnerabilities (KEV) catalog. CVE-2026-34197 is a critical flaw in Apache ActiveMQ caused by…
-
U.S. CISA adds a flaw in Apache ActiveMQ to its Known Exploited Vulnerabilities catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Apache ActiveMQ to its Known Exploited Vulnerabilities catalog The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Apache ActiveMQ, tracked as CVE-2026-34197 (CVSS score of 8.8), to its Known Exploited Vulnerabilities (KEV) catalog. CVE-2026-34197 is a critical flaw in Apache ActiveMQ caused by…
-
Claude Opus wrote a Chrome exploit for $2,283
Pause your Mythos panic because mainstream models anyone can use already pick holes in popular software First seen on theregister.com Jump to article: www.theregister.com/2026/04/17/claude_opus_wrote_chrome_exploit/
-
Recently leaked Windows zero-days now exploited in attacks
Threat actors are exploiting three recently disclosed Windows security vulnerabilities in attacks aimed at gaining SYSTEM or elevated administrator permissions. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/recently-leaked-windows-zero-days-now-exploited-in-attacks/
-
Cargo Hackers Hit Trucking Firms to Steal Physical Shipments
Hackers are increasingly breaking into trucking and freight companies to quietly hijack real-world cargo shipments, turning digital access into physical theft at scale. Researchers say organized crime rings are teaming up with cybercriminals to exploit the systems carriers and freight brokers use every day to book and dispatch loads. Cargo theft is already a multi”‘billion”‘dollar…
-
Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation
A recently disclosed high-severity security flaw in Apache ActiveMQ Classic has come under active exploitation in the wild, per the U.S. Cybersecurity and Infrastructure Security Agency (CISA).To that end, the agency has added the vulnerability, tracked as CVE-2026-34197 (CVSS score: 8.8), to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian First seen on thehackernews.com…
-
Microsoft’s Windows Recall still allows silent data extraction
Exploitation risk: The barrier to weaponizing this technique is lower than Microsoft’s security messaging would suggest, Hagenah said.”They only need code running in the user’s context and a way to reuse the authorized Recall session,” he said. “That is a much lower bar than many people would assume from Microsoft’s security messaging.”While Recall’s limitation to…
-
CVE-2026-33032: severe nginx-ui bug grants unauthenticated server access
An actively exploited critical nginx-ui flaw (CVE-2026-33032) lets attackers bypass authentication and take full control of Nginx servers. A critical vulnerability in nginx-ui, tracked as CVE-2026-33032 (CVSS score of 9.8), is being actively exploited, allowing attackers to bypass authentication and fully take over Nginx servers. The issue stems from improper protection of the /mcp_message endpoint,…
-
Behind the Mythos hype, Glasswing has just one confirmed CVE
Why is Glasswing still a big deal: VulnCheck’s findings reframe Glasswing’s capabilities. The limited number of directly attributable CVEs is just one way of measuring its impact. Industry observers are interpreting Mythos much differently.Melissa Bischoping, a SANS Technology Institute board member and senior Director of security and product research at Tanium, thinks Mythos potential lies…