#patchbug-exploit
#patchbug-exploit

Silicon Valley

The Dumbest Hack of the Year Exposed a Very Real Problem

fromYahoo Tech

Privacy technologies

Hackers Are Using Your Home Router to Spy on Microsoft 365 Users

Information security

CPUID Hacked to Serve Trojanized CPU-Z and HWMonitor Downloads

7 hours ago

How AI could drive cyber investigation tools from niche to core stack

The rise of AI presents new cybersecurity risks, necessitating a shift from traditional defensive strategies to proactive measures against sophisticated threats.

CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads

CPUID was compromised to distribute malicious executables and deploy STX RAT for less than 24 hours.

6 hours ago

Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More

A critical zero-day vulnerability in Adobe Acrobat Reader is actively exploited, alongside state-sponsored cyber threats targeting U.S. infrastructure.

Silicon Valley

fromWIRED

The Dumbest Hack of the Year Exposed a Very Real Problem

A cyberattack in Silicon Valley exploited weak passwords to spoof crosswalk button recordings with voices of tech CEOs, raising security concerns.

Privacy technologies

fromYahoo Tech

Hackers Are Using Your Home Router to Spy on Microsoft 365 Users

Russian spies exploited consumer routers to steal Microsoft 365 credentials from thousands of users, turning home devices into espionage tools.

CPUID Hacked to Serve Trojanized CPU-Z and HWMonitor Downloads

The CPUID website was hacked, distributing malicious versions of popular hardware monitoring tools for approximately six hours.

7 hours ago

How AI could drive cyber investigation tools from niche to core stack

The rise of AI presents new cybersecurity risks, necessitating a shift from traditional defensive strategies to proactive measures against sophisticated threats.

CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads

CPUID was compromised to distribute malicious executables and deploy STX RAT for less than 24 hours.

NVD

Axios library versions prior to 1.15.0 are vulnerable to Prototype Pollution, leading to Remote Code Execution and Full Cloud Compromise.

#data-breach

EU data protection

fromTNW | Data-Security

Basic-Fit hit by hack affecting members across multiple countries, including 200,000 in the Netherlands

Basic-Fit experienced a data breach affecting 200,000 members, exposing personal and bank details but not passwords or identity documents.

fromTechCrunch

5 hours ago

Hack at Anodot leaves over a dozen breached companies facing extortion | TechCrunch

Hackers stole data from multiple companies after breaching Anodot, exposing customers to extortion and potential data publication.

Rockstar Games confirms third-party breach hit company data

ShinyHunters claims to have accessed Rockstar Games' data through a third-party breach, demanding payment to avoid leaking information.

EU data protection

fromTNW | Data-Security

Basic-Fit hit by hack affecting members across multiple countries, including 200,000 in the Netherlands

Basic-Fit experienced a data breach affecting 200,000 members, exposing personal and bank details but not passwords or identity documents.

fromTechCrunch

5 hours ago

Hack at Anodot leaves over a dozen breached companies facing extortion | TechCrunch

Hackers stole data from multiple companies after breaching Anodot, exposing customers to extortion and potential data publication.

Rockstar Games confirms third-party breach hit company data

ShinyHunters claims to have accessed Rockstar Games' data through a third-party breach, demanding payment to avoid leaking information.

more#data-breach

Privacy professionals

6 hours ago

BrowserGate: Claims of LinkedIn 'Spying' Clash With Security Research Findings

LinkedIn allegedly scans users' computers to collect data on browser extensions, raising concerns about corporate espionage.

#ai

fromwww.npr.org

US news

How AI is getting better at finding security holes

fromFast Company

Artificial intelligence

Is Mythos a blessing or a curse for cybersecurity? It depends on whom you ask

31 minutes ago

Information security

Runtime security becomes critical as AI accelerates threats

54 minutes ago

Information security

Anthropic caused panic that Mythos will expose cybersecurity weak spots, but one industry veteran says real problem is fixing, not finding, them | Fortune

Anthropic's Mythos is a wake up call, but experts say the era of AI-driven hacking is already here | Fortune

Anthropic's Mythos AI model is too dangerous to release widely due to its ability to exploit software vulnerabilities.

fromSecuritymagazine

What Are Security Experts Saying About Claude Mythos and Project Glasswing?

Claude Mythos Preview enhances vulnerability detection but poses risks if misused by cybercriminals, prompting Anthropic to limit its public release.

fromwww.npr.org

US news

How AI is getting better at finding security holes

Artificial intelligence

fromFast Company

Is Mythos a blessing or a curse for cybersecurity? It depends on whom you ask

Claude Mythos AI model may enhance cybersecurity defenses but also poses risks for hackers due to its ability to identify vulnerabilities and create exploits.

31 minutes ago

Runtime security becomes critical as AI accelerates threats

Artificial intelligence accelerates innovation and cyber threats, necessitating a focus on runtime security for effective enterprise protection.

54 minutes ago

Anthropic caused panic that Mythos will expose cybersecurity weak spots, but one industry veteran says real problem is fixing, not finding, them | Fortune

Anthropic's Claude Mythos Preview AI model identifies cybersecurity vulnerabilities, but experts question its impact on fixing existing issues.

Anthropic's Mythos is a wake up call, but experts say the era of AI-driven hacking is already here | Fortune

Anthropic's Mythos AI model is too dangerous to release widely due to its ability to exploit software vulnerabilities.

fromSecuritymagazine

What Are Security Experts Saying About Claude Mythos and Project Glasswing?

Claude Mythos Preview enhances vulnerability detection but poses risks if misused by cybercriminals, prompting Anthropic to limit its public release.

Security reserchers tricked Apple Intelligence into cursing

Apple Intelligence can be hijacked through prompt injection, exposing millions of users to risk, but a fix was implemented in iOS 26.4 and macOS 26.4.

Apple

Apple Intelligence AI Guardrails Bypassed in New Attack

Researchers have successfully bypassed Apple's AI safety protocols using adversarial techniques, allowing for the execution of arbitrary tasks and manipulation of private data.

Apple

Security reserchers tricked Apple Intelligence into cursing

Apple Intelligence can be hijacked through prompt injection, exposing millions of users to risk, but a fix was implemented in iOS 26.4 and macOS 26.4.

Apple

Apple Intelligence AI Guardrails Bypassed in New Attack

Researchers have successfully bypassed Apple's AI safety protocols using adversarial techniques, allowing for the execution of arbitrary tasks and manipulation of private data.

more#apple-intelligence

Software development

fromDevOps.com

Appknox Adds AI Tool to Detect and Fix Vulnerabilities in Mobile Applications - DevOps.com

Appknox introduces AI to assess mobile app vulnerabilities and recommend fixes, enhancing the patching process for software engineering teams.

Privacy professionals

fromTechCrunch

Hack-for-hire group caught targeting Android devices and iCloud backups | TechCrunch

A hack-for-hire group is targeting journalists and officials in the Middle East and North Africa using phishing and spyware tactics.

Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure

CVSS-9.3 vulnerability in Marimo allows unauthenticated remote code execution, exploited shortly after disclosure.

Critical Marimo Flaw Exploited Hours After Public Disclosure

A critical vulnerability in Marimo was exploited within hours of its public disclosure, allowing unauthenticated remote code execution.

Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure

A critical vulnerability in Marimo allows unauthenticated remote code execution, exploited within hours of disclosure, affecting all versions prior to 0.20.4.

fromInfoWorld

7 hours ago

Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure

CVSS-9.3 vulnerability in Marimo allows unauthenticated remote code execution, exploited shortly after disclosure.

Critical Marimo Flaw Exploited Hours After Public Disclosure

A critical vulnerability in Marimo was exploited within hours of its public disclosure, allowing unauthenticated remote code execution.

Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure

A critical vulnerability in Marimo allows unauthenticated remote code execution, exploited within hours of disclosure, affecting all versions prior to 0.20.4.

NVD

Tinyproxy versions up to 1.11.3 are vulnerable to HTTP request parsing desynchronization due to case-sensitive Transfer-Encoding header comparison.

Software development

fromInfoWorld

Internet Bug Bounty program hits pause on payouts

The Internet Bug Bounty program is pausing submissions for bug reports in open-source software to reassess its approach to security.

Fake Claude Website Distributes PlugX RAT

A fake Anthropic Claude website distributed a remote access trojan disguised as a legitimate application download.

1 hour ago

Fake Linux Foundation leader using Slack to phish devs

A malware campaign targets open source developers via Slack, impersonating a Linux Foundation official to steal credentials and compromise systems.

Fake Claude Website Distributes PlugX RAT

A fake Anthropic Claude website distributed a remote access trojan disguised as a legitimate application download.

1 hour ago

Fake Linux Foundation leader using Slack to phish devs

A malware campaign targets open source developers via Slack, impersonating a Linux Foundation official to steal credentials and compromise systems.

more#malware

Privacy professionals

fromWIRED

Men Are Buying Hacking Tools to Use Against Their Wives and Friends

Telegram groups facilitate the sale of hacking and surveillance services, promoting abusive content targeting women and girls.

Adobe finally patches PDF pest after months of abuse

Adobe released a patch for a critical zero-day vulnerability in Acrobat and Reader that allowed arbitrary code execution via malicious PDFs.

Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621

Adobe released emergency updates for a critical security flaw in Acrobat Reader that is actively exploited, allowing arbitrary code execution.

Adobe Patches Reader Zero-Day Exploited for Months

Adobe released emergency patches for a critical zero-day vulnerability in Acrobat and Reader that has been exploited for several months.

8 hours ago

Adobe finally patches PDF pest after months of abuse

Adobe released a patch for a critical zero-day vulnerability in Acrobat and Reader that allowed arbitrary code execution via malicious PDFs.

Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621

Adobe released emergency updates for a critical security flaw in Acrobat Reader that is actively exploited, allowing arbitrary code execution.

Adobe Patches Reader Zero-Day Exploited for Months

Adobe released emergency patches for a critical zero-day vulnerability in Acrobat and Reader that has been exploited for several months.

Adobe patches vulnerability that steals data via PDFs

A sophisticated attack exploits a vulnerability in Adobe Reader via malicious PDF files to gather sensitive information and potentially execute arbitrary code.

Adobe Reader Zero-Day Exploited for Months: Researcher

A zero-day vulnerability in Adobe Reader has been discovered, capable of exploiting user data and enabling remote code execution.

Adobe Reader Zero-Day Exploited via Malicious PDFs Since December 2025

A zero-day vulnerability in Adobe Reader is being exploited through malicious PDF documents to harvest sensitive data and execute additional payloads.

Adobe patches vulnerability that steals data via PDFs

A sophisticated attack exploits a vulnerability in Adobe Reader via malicious PDF files to gather sensitive information and potentially execute arbitrary code.

Adobe Reader Zero-Day Exploited for Months: Researcher

A zero-day vulnerability in Adobe Reader has been discovered, capable of exploiting user data and enabling remote code execution.

Adobe Reader Zero-Day Exploited via Malicious PDFs Since December 2025

A zero-day vulnerability in Adobe Reader is being exploited through malicious PDF documents to harvest sensitive data and execute additional payloads.

OpenAI Impacted by North Korea-Linked Axios Supply Chain Hack

OpenAI was affected by a supply chain attack involving malicious Axios packages attributed to North Korean hackers.

OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident

OpenAI's macOS apps were affected by a supply chain attack, but no user data or internal systems were compromised.

8 hours ago

OpenAI Impacted by North Korea-Linked Axios Supply Chain Hack

OpenAI was affected by a supply chain attack involving malicious Axios packages attributed to North Korean hackers.

OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident

OpenAI's macOS apps were affected by a supply chain attack, but no user data or internal systems were compromised.

FBI announces takedown of phishing operation that targeted thousands of victims | TechCrunch

The FBI dismantled a global phishing operation, W3LL, targeting over 17,000 victims and facilitating over $20 million in fraud.

Artificial intelligence

fromFuturism

AI Tools Are Supercharging Hackers

AI systems are increasingly weaponized for cybercrime, enabling hackers to exploit vulnerabilities at scale with minimal technical expertise, as demonstrated by recent attacks on Mexican government networks and global firewall systems.

North Korea's APT37 Uses Facebook Social Engineering to Deliver RokRAT Malware

APT37 employs social engineering on Facebook to deliver RokRAT via a compromised PDF viewer.

Two different attackers poisoned popular open source tools

Two major supply chain attacks in March compromised open source tools, stealing data from numerous organizations.

Chrome 147 Patches 60 Vulnerabilities, Including Two Critical Flaws Worth $86,000

Google released Chrome 147, fixing 60 vulnerabilities, including two critical ones affecting WebML, with significant bug bounties awarded to researchers.

ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories

A new variant of the Phorpiex botnet combines traditional and peer-to-peer communication, facilitating sophisticated malware operations and high-volume spam.

Android trojan linked to Cambodia following anomalous DNS spike

A banking Trojan operating from Cambodia registers 35 new domains monthly, targeting users in 21 countries and exploiting fake apps for fraud.

Microsoft: Third-Party Android Vulnerability Leaves Over 50M Users Exposed

A critical flaw in the EngageLab SDK allowed malicious apps to exploit trusted permissions, affecting over 50 million Android users.

Android trojan linked to Cambodia following anomalous DNS spike

A banking Trojan operating from Cambodia registers 35 new domains monthly, targeting users in 21 countries and exploiting fake apps for fraud.

Microsoft: Third-Party Android Vulnerability Leaves Over 50M Users Exposed

A critical flaw in the EngageLab SDK allowed malicious apps to exploit trusted permissions, affecting over 50 million Android users.

Backdoored Smart Slider 3 Pro Update Distributed via Compromised Nextend Servers

Unknown threat actors hijacked the Smart Slider 3 Pro plugin update system to distribute a backdoored version affecting WordPress and Joomla users.

Hackers Targeting Ninja Forms Vulnerability That Exposes WordPress Sites to Takeover

A critical vulnerability in Ninja Forms allows file uploads that could lead to remote code execution on affected websites.

Backdoored Smart Slider 3 Pro Update Distributed via Compromised Nextend Servers

Unknown threat actors hijacked the Smart Slider 3 Pro plugin update system to distribute a backdoored version affecting WordPress and Joomla users.

Hackers Targeting Ninja Forms Vulnerability That Exposes WordPress Sites to Takeover

A critical vulnerability in Ninja Forms allows file uploads that could lead to remote code execution on affected websites.

Orthanc DICOM Vulnerabilities Lead to Crashes, RCE

Nine vulnerabilities in the Orthanc DICOM server allow attackers to crash servers, leak data, and execute arbitrary code remotely.

Hackers Exploit Adobe PDF Flaw for Months to Steal Data, No Fix Yet

Attackers exploit a zero-day vulnerability in Adobe Acrobat Reader to steal data and potentially take over systems using malicious PDF files.

Juniper Networks Patches Dozens of Junos OS Vulnerabilities

Juniper Networks released patches for multiple vulnerabilities, including severe flaws that could lead to privilege escalation and remote device takeover.

Is 46% of your AI-generated code vulnerable?

46% of AI-generated code contains security vulnerabilities, necessitating integrated governance throughout the software delivery lifecycle.

'BlueHammer' Exploit Targets Windows, Potentially Impacting 1 Billion+ Devices

A security researcher released exploit code for a Windows zero-day vulnerability called BlueHammer, allowing privilege escalation without an official Microsoft patch.

Palo Alto Networks, SonicWall Patch High-Severity Vulnerabilities

Palo Alto Networks and SonicWall released patches for multiple vulnerabilities, including high-severity bugs that could allow unauthorized access and code execution.

Anthropic's Claude Mythos Finds Thousands of Zero-Day Flaws Across Major Systems

Anthropic's Project Glasswing uses Claude Mythos to identify and address cybersecurity vulnerabilities, surpassing human capabilities in some instances.

New Chaos Variant Targets Misconfigured Cloud Deployments, Adds SOCKS Proxy

Chaos malware targets misconfigured cloud deployments, expanding its reach beyond routers and edge devices.

Critical Flowise Vulnerability in Attacker Crosshairs

A critical vulnerability in Flowise allows remote code execution, posing severe security risks to systems and sensitive data.

Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed

A critical security flaw in Flowise allows remote code execution, posing severe risks to business continuity and customer data.

Critical Flowise Vulnerability in Attacker Crosshairs

A critical vulnerability in Flowise allows remote code execution, posing severe security risks to systems and sensitive data.

Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed

A critical security flaw in Flowise allows remote code execution, posing severe risks to business continuity and customer data.

more#flowise

fromDeveloper Tech News

AI code scanners halt Internet Bug Bounty payouts

The Internet Bug Bounty program has paused new submissions due to AI-driven vulnerability discovery outpacing human researchers' rewards.

10 ChatGPT AI Prompts L1 SOC Analysts Can Use in Their Daily Work

Generative AI tools like ChatGPT can assist SOC analysts in managing alerts and improving workflow efficiency.

The Hidden Cost of Recurring Credential Incidents

Credential incidents cause significant operational costs and disruptions, impacting IT teams and overall business productivity beyond just breach prevention.

RCE Bug Lurked in Apache ActiveMQ Classic for 13 Years

A 13-year-old RCE vulnerability in Apache ActiveMQ Classic can be exploited to bypass authentication and execute OS commands.

GPUBreach: Root Shell Access Achieved via GPU Rowhammer Attack

A new Rowhammer attack, GPUBreach, allows privilege escalation and memory corruption in GPUs, posing significant threats to cloud environments.

Attackers exploited the FortiClient EMS bug as a 0-day

Fortinet released an emergency patch for a critical vulnerability in FortiClient EMS, which is being actively exploited.

Exploitation of Critical Fortinet FortiClient EMS Flaw Begins

Threat actors exploit a critical SQL injection vulnerability in Fortinet FortiClient EMS, allowing remote code execution without authentication.

Attackers exploited the FortiClient EMS bug as a 0-day

Fortinet released an emergency patch for a critical vulnerability in FortiClient EMS, which is being actively exploited.

Exploitation of Critical Fortinet FortiClient EMS Flaw Begins

Threat actors exploit a critical SQL injection vulnerability in Fortinet FortiClient EMS, allowing remote code execution without authentication.

Hundreds compromised daily in Microsoft device code phishes

A Microsoft device-code phishing campaign is compromising hundreds of organizations daily, utilizing AI and automation to steal financial data.

Medusa Ransomware Fast to Exploit Vulnerabilities, Breached Systems

Medusa ransomware group rapidly exploits vulnerabilities, impacting critical sectors and employing double extortion tactics since June 2021.

The New Rules of Engagement: Matching Agentic Attack Speed

AI-enabled cyberattacks are currently occurring, with significant impacts on organizations and a widening gap between attackers and defenders.

Over 1,000 Exposed ComfyUI Instances Targeted in Cryptomining Botnet Campaign

A campaign targets ComfyUI instances for cryptocurrency mining and botnet enlistment through remote code execution exploits.

AI agents found vulns in this Linux and Unix print server

Two vulnerabilities in CUPS allow unauthenticated remote code execution and root file overwrite, posing significant security risks in networked environments.

New Chrome Zero-Day CVE-2026-5281 Under Active Exploitation - Patch Released

"Use-after-free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page."

Information security

2 weeks ago

Exploitation of Fresh Citrix NetScaler Vulnerability Begins

Exploitation of a critical Citrix NetScaler vulnerability began shortly after its public disclosure, with active attempts detected within days.

3 weeks ago

We Found Eight Attack Vectors Inside AWS Bedrock. Here's What Attackers Can Do with Them

AWS Bedrock's connectivity makes it powerful but also exposes it to multiple attack vectors that can compromise enterprise data.

3 weeks ago

Critical Langflow Vulnerability Exploited Hours After Public Disclosure

Threat actors exploited a critical Langflow vulnerability for remote code execution within 20 hours of its public disclosure.

fromArs Technica

3 weeks ago

Hundreds of millions of iPhones can be hacked with a new tool found in the wild

DarkSword, a sophisticated iPhone hacking technique discovered in use by Russian hackers, can silently compromise hundreds of millions of iOS devices running older operating system versions through infected websites.

Investigating a New Click-Fix Variant

Atos Researchers identified a new variant of the popular ClickFix technique, where attackers convince the user to execute a malicious command on their own device through the Win + R shortcut. In this variation, a "net use" command is used to map a network drive from an external server, after which a ".cmd" batch file hosted on that drive is executed.

Information security

The Zero-Day Scramble is Avoidable: A Guide to Attack Surface Reduction

Teams must reduce unnecessary internet-facing exposure to minimize vulnerability exploitation risk, as time-to-exploit windows are shrinking to hours or minutes.

Vulnerability exploits now dominate intrusions

Exploit of disclosed vulnerabilities now causes most intrusions, with attackers weaponizing new flaws within hours while many organizations patch slowly.

Researchers hack malware gang via its own weak spot

An XSS flaw in StealC’s web panel allowed takeover of operator sessions, revealing millions of stolen cookies, passwords, and YouTube-based malware distribution.

BeyondTrust Vulnerability Targeted by Hackers Within 24 Hours of PoC Release

BeyondTrust announced patches for CVE-2026-1731 on February 6, the same day Hacktron AI, whose researchers discovered the issue in late January, warned that roughly 11,000 instances had been exposed to the internet, including approximately 8,500 on-prem deployments that may have been vulnerable to attacks. "Given that BeyondTrust Remote Support and Privileged Remote Access are widely deployed in enterprise environments for remote access and privileged session management, the potential blast radius of this vulnerability is significant," Hacktron said.

Information security

#beyondtrust

Information security

Researchers Observe In-the-Wild Exploitation of BeyondTrust CVSS 9.9 Vulnerability

Information security

BeyondTrust Remote Support has a critical vulnerability

Information security

Researchers Observe In-the-Wild Exploitation of BeyondTrust CVSS 9.9 Vulnerability