#silentpatch

[ follow ]
#cybersecurity #vulnerabilities #vulnerability #ai #microsoft #security #firefox #malware #claude-mythos #mozilla
#microsoft-defender
Information security
fromSecurityWeek
1 hour ago

Recent Microsoft Defender Vulnerability Exploited as Zero-Day

A zero-day vulnerability in Microsoft Defender, tracked as CVE-2026-33825, allows privilege escalation through a flaw named BlueHammer.
Information security
fromTechRepublic
2 days ago

Microsoft Defender Flaws Exploited on Windows, Two Left Unpatched

Three new security flaws in Microsoft Defender are actively exploited, with only one patched, allowing full SYSTEM-level access to attackers.
Information security
fromThe Hacker News
5 days ago

Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched

Threat actors are exploiting three vulnerabilities in Microsoft Defender for elevated privileges, with one flaw already addressed by Microsoft.
Information security
fromSecurityWeek
1 hour ago

Recent Microsoft Defender Vulnerability Exploited as Zero-Day

A zero-day vulnerability in Microsoft Defender, tracked as CVE-2026-33825, allows privilege escalation through a flaw named BlueHammer.
Information security
fromTechRepublic
2 days ago

Microsoft Defender Flaws Exploited on Windows, Two Left Unpatched

Three new security flaws in Microsoft Defender are actively exploited, with only one patched, allowing full SYSTEM-level access to attackers.
Information security
fromThe Hacker News
5 days ago

Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched

Threat actors are exploiting three vulnerabilities in Microsoft Defender for elevated privileges, with one flaw already addressed by Microsoft.
more#microsoft-defender
#apple
Apple
fromThe Hacker News
1 hour ago

Apple Patches iOS Flaw That Stored Deleted Signal Notifications in FBI Forensic Case

Apple has released a software update to fix a flaw in iOS and iPadOS that retained deleted notifications on devices.
Apple
fromSecurityWeek
59 minutes ago

Apple Patches iOS Flaw Allowing Recovery of Deleted Chats

Apple released updates to fix a vulnerability that allowed recovery of deleted messages on iOS and iPadOS devices.
Apple
fromTechCrunch
14 hours ago

Apple fixes bug that cops used to extract deleted chat messages from iPhones | TechCrunch

Apple fixed a bug that allowed law enforcement to extract deleted messages from iPhones and iPads via cached notifications.
Apple
fromThe Hacker News
1 hour ago

Apple Patches iOS Flaw That Stored Deleted Signal Notifications in FBI Forensic Case

Apple has released a software update to fix a flaw in iOS and iPadOS that retained deleted notifications on devices.
Apple
fromSecurityWeek
59 minutes ago

Apple Patches iOS Flaw Allowing Recovery of Deleted Chats

Apple released updates to fix a vulnerability that allowed recovery of deleted messages on iOS and iPadOS devices.
Apple
fromTechCrunch
14 hours ago

Apple fixes bug that cops used to extract deleted chat messages from iPhones | TechCrunch

Apple fixed a bug that allowed law enforcement to extract deleted messages from iPhones and iPads via cached notifications.
more#apple
#cybersecurity
fromTechCrunch
1 day ago
Privacy professionals

Unauthorized group has gained access to Anthropic's exclusive cyber tool Mythos, report claims | TechCrunch

Information security
fromTechRepublic
16 hours ago

Hackers Impersonate IT Help Desk on Microsoft Teams to Gain Access, Steal Data

Hackers are increasingly using social engineering on Microsoft Teams to gain unauthorized access by impersonating IT support.
Information security
fromThe Hacker News
1 day ago

Google Patches Antigravity IDE Flaw Enabling Prompt Injection Code Execution

A vulnerability in Google's Antigravity IDE allowed code execution through insufficient input sanitization in the find_by_name tool.
Privacy technologies
fromTheregister
1 hour ago

NCSC: Passkeys now good enough to be the default standard

The NCSC endorses passkeys as the default authentication standard, urging consumers to abandon passwords for enhanced security.
Privacy professionals
fromTechCrunch
1 day ago

Unauthorized group has gained access to Anthropic's exclusive cyber tool Mythos, report claims | TechCrunch

Unauthorized users accessed Mythos, a cybersecurity tool by Anthropic, through a third-party vendor, raising concerns about its potential misuse.
DevOps
fromSecuritymagazine
1 day ago

The Security Metric That's Failing You

Measuring patch rates does not equate to a secure environment; real risks often lie in misconfigurations and outdated permissions.
Information security
fromTheregister
21 minutes ago

Sharing isn't caring if it's an admin password: Pwned

Prioritizing convenience over security can lead to significant data loss, as demonstrated by a client using a common password and sharing it publicly.
Information security
fromTechRepublic
16 hours ago

Hackers Impersonate IT Help Desk on Microsoft Teams to Gain Access, Steal Data

Hackers are increasingly using social engineering on Microsoft Teams to gain unauthorized access by impersonating IT support.
Information security
fromThe Hacker News
1 day ago

Google Patches Antigravity IDE Flaw Enabling Prompt Injection Code Execution

A vulnerability in Google's Antigravity IDE allowed code execution through insufficient input sanitization in the find_by_name tool.
more#cybersecurity
#firefox
Web frameworks
fromZDNET
16 hours ago

New Firefox update patches a whopping 271 bugs, thanks to Claude Mythos

Firefox 150 introduces enhanced features and fixes 271 security flaws.
Information security
fromTechzine Global
1 day ago

As Mythos fixes Mozilla flaws, unauthorized access spells disaster

Firefox's Claude Mythos Preview addresses 271 vulnerabilities, but unauthorized access raises concerns about potential misuse by threat actors.
Web frameworks
fromZDNET
16 hours ago

New Firefox update patches a whopping 271 bugs, thanks to Claude Mythos

Firefox 150 introduces enhanced features and fixes 271 security flaws.
Information security
fromTechzine Global
1 day ago

As Mythos fixes Mozilla flaws, unauthorized access spells disaster

Firefox's Claude Mythos Preview addresses 271 vulnerabilities, but unauthorized access raises concerns about potential misuse by threat actors.
more#firefox
Remote teams
fromAP News
5 hours ago

One Tech Tip: Logging on at a cafe? Privacy and security guidelines for remote workers

Remote work offers flexibility but comes with privacy and security risks when working in public spaces.
#ransomware
Law
fromTheregister
1 day ago

Third ransomware pro pleads guilty to cybercrime U-turn

Angelo Martino pleaded guilty to aiding the ALPHV/BlackCat ransomware gang in extorting US businesses.
fromTechCrunch
1 day ago
Information security

Ransomware negotiator pleads guilty to helping ransomware gang | TechCrunch

Law
fromTheregister
1 day ago

Third ransomware pro pleads guilty to cybercrime U-turn

Angelo Martino pleaded guilty to aiding the ALPHV/BlackCat ransomware gang in extorting US businesses.
fromTechCrunch
1 day ago
Information security

Ransomware negotiator pleads guilty to helping ransomware gang | TechCrunch

more#ransomware
#microsoft
Information security
fromArs Technica
14 hours ago

Microsoft issues emergency update for macOS and Linux ASP.NET threat

Microsoft released an emergency patch for ASP.NET Core to fix a high-severity vulnerability allowing unauthenticated attackers to gain SYSTEM privileges.
Information security
fromThe Hacker News
23 hours ago

Microsoft Patches Critical ASP.NET Core CVE-2026-40372 Privilege Escalation Bug

Microsoft released updates to fix a critical security vulnerability in ASP.NET Core that allows privilege escalation for unauthorized attackers.
Information security
fromTheregister
2 days ago

Microsoft releases Windows Server update to fix April update

Microsoft released an out-of-band update to fix a restart loop issue affecting Windows Server devices after the April 2026 update.
Information security
fromTechRepublic
1 week ago

Microsoft Issues Massive Windows Patch for 160+ Bugs, Including Two Zero-Days

Microsoft released a significant security update addressing 165 vulnerabilities, including two critical zero-days, marking one of the largest updates in its history.
Information security
fromComputerWeekly.com
1 week ago

April Patch Tuesday brings zero-days in Defender, SharePoint Server | Computer Weekly

Microsoft's April Patch Tuesday update addresses over 160 issues, including two critical zero-day vulnerabilities, marking one of the largest updates in history.
more#microsoft
Apple
fromEngadget
13 hours ago

Apple rolls out iOS 26.4.2 to fix a flaw that allowed the FBI to access push notifications

Apple's iOS update fixes a flaw allowing law enforcement to view deleted push notifications, enhancing user privacy.
#ai
fromEngadget
1 day ago
Artificial intelligence

Mozilla says it patched 271 Firefox vulnerabilities thanks to Anthropic's Claude Mythos

Information security
fromFast Company
23 hours ago

Brace yourself for a flood of patches in all of your tech gadgets

Mythos, Anthropic's AI model, identifies software vulnerabilities, prompting urgent updates to prevent exploitation by hackers.
fromInfoWorld
7 hours ago
Information security

Claude Mythos signals a new era in AI-driven security, finding 271 flaws in Firefox

Information security
fromComputerworld
7 hours ago

Claude Mythos signals a new era in AI-driven security, finding 271 flaws in Firefox

AI has exposed hundreds of vulnerabilities in Mozilla's Firefox browser, highlighting both cybersecurity advancements and dual-use risks.
Information security
from24/7 Wall St.
14 hours ago

5 Cybersecurity Stocks Most Likely to Benefit as AI Threats Drive Budget Increases in 2026

AI surpasses most humans in finding software flaws, prompting a defensive coalition to enhance cybersecurity.
Artificial intelligence
fromEngadget
1 day ago

Mozilla says it patched 271 Firefox vulnerabilities thanks to Anthropic's Claude Mythos

Mozilla's use of Anthropic's Claude Mythos model successfully identified and patched 271 vulnerabilities in Firefox, showcasing AI's potential in cybersecurity.
Software development
fromTheregister
1 day ago

Mythos found 271 Firefox flaws - none a human couldn't spot

Mythos AI model significantly improves bug detection, identifying 271 vulnerabilities in Firefox 150, marking a pivotal moment for software security.
Information security
fromFast Company
23 hours ago

Brace yourself for a flood of patches in all of your tech gadgets

Mythos, Anthropic's AI model, identifies software vulnerabilities, prompting urgent updates to prevent exploitation by hackers.
Information security
fromInfoWorld
7 hours ago

Claude Mythos signals a new era in AI-driven security, finding 271 flaws in Firefox

AI has exposed hundreds of vulnerabilities in Mozilla's Firefox browser, highlighting both cybersecurity advancements and dual-use risks.
Information security
fromComputerworld
7 hours ago

Claude Mythos signals a new era in AI-driven security, finding 271 flaws in Firefox

AI has exposed hundreds of vulnerabilities in Mozilla's Firefox browser, highlighting both cybersecurity advancements and dual-use risks.
Information security
from24/7 Wall St.
14 hours ago

5 Cybersecurity Stocks Most Likely to Benefit as AI Threats Drive Budget Increases in 2026

AI surpasses most humans in finding software flaws, prompting a defensive coalition to enhance cybersecurity.
more#ai
Privacy professionals
fromSecuritymagazine
1 day ago

The Privacy-Security Partnership: How We Bend Risk in a Resource Crunch

Fewer privacy practitioners feel confident in meeting laws, while resource shortages and compliance challenges increase stress in the field.
DevOps
fromTechzine Global
2 days ago

Emergency Update for Windows Server Following Reboot Issues

Microsoft released emergency updates for Windows Server to address LSASS crashes and installation issues following the April 2026 Patch Tuesday updates.
Information security
fromTechRepublic
12 hours ago

Microsoft Patch Still Leaves 1,300 SharePoint Servers Exposed

Over 1,300 internet-exposed Microsoft SharePoint servers remain unpatched against a spoofing flaw, CVE-2026-32201, posing significant security risks.
#ai-security
Artificial intelligence
fromTechRepublic
2 days ago

The MCP Disclosure Is the AI Era's 'Open Redirect' Moment

The Model Context Protocol has a design flaw that enables AI supply chain attacks, posing a significant security risk to enterprise AI systems.
Information security
fromSecuritymagazine
1 day ago

Unauthorized Users Accessed Claude Mythos, New Reports Suggest

Unauthorized access to Anthropic's AI model, Claude Mythos Preview, raises security concerns among experts due to its ability to identify digital vulnerabilities.
Artificial intelligence
fromTechRepublic
2 days ago

The MCP Disclosure Is the AI Era's 'Open Redirect' Moment

The Model Context Protocol has a design flaw that enables AI supply chain attacks, posing a significant security risk to enterprise AI systems.
Information security
fromSecuritymagazine
1 day ago

Unauthorized Users Accessed Claude Mythos, New Reports Suggest

Unauthorized access to Anthropic's AI model, Claude Mythos Preview, raises security concerns among experts due to its ability to identify digital vulnerabilities.
more#ai-security
fromSecurityWeek
3 days ago

Half of the 6 Million Internet-Facing FTP Servers Lack Encryption

Approximately 6 million internet-accessible systems are using FTP today, and almost half of them do not use encryption, exposing enterprises and end users to avoidable risks.
Privacy professionals
#security
Information security
fromInfoWorld
14 hours ago

Microsoft issues out-of-band patch for critical security flaw in update to ASP.NET Core

Long-lived tokens in applications can be exploited by attackers to gain unauthorized access and issue legitimate tokens.
Information security
fromThe Hacker News
1 day ago

Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape

A critical vulnerability in the Terrarium Python sandbox allows arbitrary code execution with root privileges, rated 9.3 on the CVSS scale.
Information security
fromInfoWorld
14 hours ago

Microsoft issues out-of-band patch for critical security flaw in update to ASP.NET Core

Long-lived tokens in applications can be exploited by attackers to gain unauthorized access and issue legitimate tokens.
Information security
fromThe Hacker News
1 day ago

Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape

A critical vulnerability in the Terrarium Python sandbox allows arbitrary code execution with root privileges, rated 9.3 on the CVSS scale.
more#security
Information security
fromSecurityWeek
1 day ago

Oracle Patches 450 Vulnerabilities With April 2026 CPU

Oracle released 481 new security patches in April 2026, addressing vulnerabilities across 28 product families, with many remotely exploitable without authentication.
fromTNW | Anthropic
15 hours ago
Information security

Mozilla fixes 271 Firefox vulnerabilities found by Anthropic's Claude Mythos in a single evaluation pass

Mozilla's Firefox 150 fixes 271 security vulnerabilities identified by Anthropic's AI model, Mythos, showcasing the model's effectiveness in vulnerability detection.
Information security
fromComputerWeekly.com
21 hours ago

A tsunami of flaws: When frontier AI and Patch Tuesday collide | Computer Weekly

April 2025 Patch Tuesday update was the second-largest in history, addressing over 160 vulnerabilities, with AI tools potentially driving the increase.
Information security
fromSecurityWeek
22 hours ago

North Korean Hackers Use AppleScript, ClickFix in Fresh macOS Attacks

North Korean hackers are targeting macOS users in financial organizations using social engineering techniques to install information-stealing malware.
Information security
fromTheregister
11 hours ago

Another npm supply chain worm hits dev environments

A new npm supply-chain attack targets developer workflows, compromising multiple packages and stealing sensitive data, with similarities to previous CanisterWorm infections.
Information security
fromTNW | Next-Featured
1 day ago

Lovable security crisis: 48 days of exposed projects, closed bug reports, & the structural failure of vibe coding security

Lovable's security incidents expose vulnerabilities in AI-generated code and highlight a market focus on growth over security.
Information security
fromInfoWorld
9 hours ago

Malicious pgserve, automagik developer tools found in npm registry

Malicious npm packages aim to steal sensitive data and credentials, potentially leading to complete organizational takeovers.
#cisa
Information security
fromSecurityWeek
1 day ago

Organizations Warned of Exploited Cisco, Kentico, Zimbra Vulnerabilities

CISA expanded its Known Exploited Vulnerabilities catalog with eight new flaws, including high-severity bugs in Cisco and Kentico products.
Information security
fromSecurityWeek
1 week ago

Organizations Warned of Exploited Windows, Adobe Acrobat Vulnerabilities

CISA expanded its Known Exploited Vulnerabilities catalog with seven new vulnerabilities, including critical Windows and Adobe flaws.
Information security
fromSecurityWeek
1 day ago

Organizations Warned of Exploited Cisco, Kentico, Zimbra Vulnerabilities

CISA expanded its Known Exploited Vulnerabilities catalog with eight new flaws, including high-severity bugs in Cisco and Kentico products.
Information security
fromSecurityWeek
1 week ago

Organizations Warned of Exploited Windows, Adobe Acrobat Vulnerabilities

CISA expanded its Known Exploited Vulnerabilities catalog with seven new vulnerabilities, including critical Windows and Adobe flaws.
more#cisa
Information security
fromComputerWeekly.com
18 hours ago

Interview: Critical local infrastructure is missing link in UK cyber resilience | Computer Weekly

Local infrastructure in the UK is vulnerable to cyber attacks, risking severe disruption to essential services and public safety.
#vulnerabilities
Information security
fromThe Hacker News
1 week ago

April Patch Tuesday Fixes Critical Flaws Across SAP, Adobe, Microsoft, Fortinet, and More

Critical vulnerabilities in Adobe, Fortinet, Microsoft, and SAP products were highlighted in April's Patch Tuesday releases.
Information security
fromSecurityWeek
1 day ago

Progress Patches Multiple Vulnerabilities in MOVEit WAF, LoadMaster

Progress Software released patches for multiple vulnerabilities in MOVEit WAF and LoadMaster that could lead to remote code execution and command injection.
Information security
fromThe Hacker News
1 week ago

April Patch Tuesday Fixes Critical Flaws Across SAP, Adobe, Microsoft, Fortinet, and More

Critical vulnerabilities in Adobe, Fortinet, Microsoft, and SAP products were highlighted in April's Patch Tuesday releases.
more#vulnerabilities
#ai-in-cybersecurity
Information security
fromArs Technica
1 day ago

Mozilla: Anthropic's Mythos found 271 zero-day vulnerabilities in Firefox 150

AI tools like Mythos enhance cybersecurity by making vulnerability discovery cheaper and more efficient for defenders.
Information security
fromWIRED
1 day ago

Mozilla Used Anthropic's Mythos to Find and Fix 151 Bugs in Firefox

Mozilla's Firefox 150 includes protections for 271 vulnerabilities identified using AI tools, highlighting the significant impact of AI on cybersecurity.
Information security
fromArs Technica
1 day ago

Mozilla: Anthropic's Mythos found 271 zero-day vulnerabilities in Firefox 150

AI tools like Mythos enhance cybersecurity by making vulnerability discovery cheaper and more efficient for defenders.
Information security
fromWIRED
1 day ago

Mozilla Used Anthropic's Mythos to Find and Fix 151 Bugs in Firefox

Mozilla's Firefox 150 includes protections for 271 vulnerabilities identified using AI tools, highlighting the significant impact of AI on cybersecurity.
more#ai-in-cybersecurity
fromEngadget
1 day ago

Anthropic is investigating 'unauthorized access' of its Mythos cybersecurity tool

We're investigating a report claiming unauthorized access to Claude Mythos Previous through one of our third-party vendor environments.
Information security
Information security
fromSecurityWeek
22 hours ago

Are SBOMs Failing? Supply Chain Attacks Rise as Security Teams Struggle With SBOM Data

SBOMs and VEX statements fail to enhance software supply chain security due to poor decision-making and inconsistent interpretation of available data.
Information security
fromSecurityWeek
1 day ago

Unsecured Perforce Servers Expose Sensitive Data From Major Orgs

Many internet-facing Perforce P4 servers are misconfigured, exposing sensitive information and allowing unauthorized access.
Information security
fromSecuritymagazine
3 days ago

58% of Organizations Spend Over 10 Hours a Month Securing AI-generated Code

31% of organizations using AI-generated code spend 10 hours or less per month on validation and auditing, raising security concerns.
Information security
fromTechzine Global
2 days ago

Aikido Endpoint offers developers additional protection against supply chain attacks

Aikido Endpoint protects developers' endpoints from supply chain attacks by blocking high-risk installations before they reach the system.
fromSecurityWeek
2 days ago

Bluesky Disrupted by Sophisticated DDoS Attack

The attack is impacting our application, with users experiencing intermittent interruptions in service for their feeds, notifications, threads and search.
Information security
Information security
fromTheregister
5 days ago

CISA tells feds to patch 13-year-old Apache ActiveMQ bug

CISA warns of a critical Apache ActiveMQ vulnerability requiring federal agencies to patch within two weeks to prevent exploitation.
Information security
fromDevOps.com
5 days ago

The Open Source Trap: Why Trust Isn't a Security Strategy - DevOps.com

The software supply chain is vulnerable due to reliance on under-resourced open source maintainers, requiring active organizational support for security.
Information security
fromSecurityWeek
6 days ago

Splunk Enterprise Update Patches Code Execution Vulnerability

Splunk has released fixes for high and medium-severity vulnerabilities in its products, including Splunk Enterprise, Cloud Platform, and MCP Server.
#cisco
Information security
fromThe Hacker News
6 days ago

Cisco Patches Four Critical Identity Services, Webex Flaws Enabling Code Execution

Cisco has released patches for four critical security vulnerabilities in Identity Services and Webex Services that could allow unauthorized access and code execution.
Information security
fromSecurityWeek
6 days ago

Cisco Patches Critical Vulnerabilities in Webex, ISE

Cisco patched 15 vulnerabilities, including critical flaws in Webex and Identity Services Engine, allowing potential unauthorized access and command execution.
Information security
fromThe Hacker News
6 days ago

Cisco Patches Four Critical Identity Services, Webex Flaws Enabling Code Execution

Cisco has released patches for four critical security vulnerabilities in Identity Services and Webex Services that could allow unauthorized access and code execution.
Information security
fromSecurityWeek
6 days ago

Cisco Patches Critical Vulnerabilities in Webex, ISE

Cisco patched 15 vulnerabilities, including critical flaws in Webex and Identity Services Engine, allowing potential unauthorized access and command execution.
more#cisco
Information security
fromSecurityWeek
1 week ago

ICS Patch Tuesday: 8 Industrial Giants Publish New Security Advisories

Multiple industrial giants have released new ICS security advisories addressing various vulnerabilities since the last Patch Tuesday.
Information security
fromSecurityWeek
1 week ago

Adobe Patches 55 Vulnerabilities Across 11 Products

Adobe's Patch Tuesday updates address 55 vulnerabilities across 11 products, with critical ColdFusion flaws requiring immediate attention.
Information security
fromSecurityWeek
1 week ago

Palo Alto Networks, SonicWall Patch High-Severity Vulnerabilities

Palo Alto Networks and SonicWall released patches for multiple vulnerabilities, including high-severity bugs that could allow unauthorized access and code execution.
[ Load more ]