Microsoft scrambles to patch a Defender security flaw called RoguePlanet

A week ago, the security researcher who goes by “Nightmare Eclipse” published information about RoguePlanet, a zero-day ...
Cult of Mac

Your old iPhone has a security flaw, and there’s nothing Apple can do to fix it

A newly disclosed exploit called usbliter8 hijacks the boot process on older iPhones with A12 and A13 chips, as well as other ...
Bleeping Computer

Google: Hackers used AI to develop zero-day exploit for web admin tool

Researchers at Google Threat Intelligence Group (GTIG) say that a zero-day exploit targeting a popular open-source web administration tool was likely generated using AI. The exploit could be leveraged ...
New York Post

Google issues 2nd security warning in days over Chrome browser attacks

It’s a case of search-engine failure. Google has issued a security alert to Chrome users after confirming that cybercriminals had exploited a vulnerable system, marking the second such advisory in ...
Bleeping Computer

Recently leaked Windows zero-days now exploited in attacks

Threat actors are exploiting three recently disclosed Windows security vulnerabilities in attacks aimed at gaining SYSTEM or elevated administrator permissions. Since the start of the month, a ...
Dark Reading

Hackers Use AI for Exploit Development, Attack Automation

Threat actors are abusing AI tools in increasingly sophisticated ways, including exploit development and attack orchestration. Google today published new research tracking how adversaries leverage AI ...
TechCrunch

Hackers are abusing unpatched Windows security flaws to hack into organizations

Hackers have broken into at least one organization using Windows vulnerabilities published online by a disgruntled security researcher over the last two weeks, according to a cybersecurity firm. On ...
PC World

Security expert publishes Windows exploit after Microsoft went silent

PCWorld reports on the ‘BlueHammer’ zero-day vulnerability that allows attackers to potentially take over Windows computers through privilege escalation. A frustrated security researcher published the ...
TechCrunch

Adobe fixes PDF zero-day security bug that hackers have exploited for months

Adobe has patched a vulnerability in its flagship document-reading apps, Acrobat DC, Reader DC and Acrobat 2024, that hackers have been actively exploiting for at least four months. The vulnerability, ...
Krebs on Security

Hackers Used Meta’s AI Support Bot to Seize Instagram Accounts

The Instagram accounts for the Obama White House and the Chief Master Sergeant of the U.S. Space Force were briefly defaced with pro-Iranian images and messages over the weekend, after instructions ...
Tidbits

What Anthropic’s Mythos and Project Glasswing Mean for Your Apple Devices

Anthropic, the company behind the Claude AI chatbot, made two security announcements that were shocking for many but seen as inevitable by those of us working in AI security. First, it announced ...
Computer Weekly

Computer Misuse Act reform to move forward in National Security Bill

The long-awaited reform of Britain’s outdated Computer Misuse Act of 1990 – which has hamstrung the work of the nation’s cyber security professionals and researchers for years – is to be included in a ...