#responsible-disclosure

Information security
from The Hacker News
2 days ago

Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation

A zero-day 2FA bypass was found and fixed after likely AI-assisted exploit generation using a Python script targeting an open-source web administration tool.
Information security
from theregister
5 days ago

'Dirty Frag' Linux flaw one-ups CopyFail with no patches and public root exploit

Dirty Frag is a universal Linux local privilege escalation flaw chaining two kernel bugs, enabling unprivileged users to gain immediate root on major distributions without patches or CVE.
Information security
from DataBreaches.Net
4 months ago

Conde Nast gets hacked, and DataBreaches gets "played" - Christmas lump of coal edition - DataBreaches.Net

DataBreaches engages with cybercriminals and researchers, sometimes withholding reports to avoid extortion pressure, while occasionally publishing leaks when personal information is exposed.
Information security
from Theregister
4 months ago

Pen testers accused of 'blackmail' over Eurostar AI flaws

Eurostar's AI chatbot had four vulnerabilities enabling HTML injection and prompt leakage; researchers who reported them were accused of "blackmail" by Eurostar's security head.
from Securitymagazine
5 months ago

What AI Vulnerabilities Do Security Leaders Tend To Overlook?

Since we're talking cybersecurity, let's start with iDEFENSE. I bought the company in 2002 as an investor rather than an operator, then subsequently became CEO. As the first commercial cyber threat intelligence vendor, we established the first global zero-day acquisition program and created the 'Responsible Disclosure' process driving software companies to accelerate their patch creation and rollout schedule. This was groundbreaking and the initiation of the bug bounty world we live in today.
Information security
from Techzine Global
8 months ago

Hackers access Burger King systems with ease

Extensive security flaws at Restaurant Brands International allowed attackers full administrative access across 30,000+ Burger King, Tim Hortons, and Popeyes locations.