Attack of the killer script kiddies
…security controls they have in place, the more time they will need for patching. Simply putting out a patch makes it easier for attackers to reverse engineer the bug fix and exploit…
…The security sleuth posted the zero-day YellowKey exploit, which enabled them to access a locked file. For context, YellowKey can be triggered by copying some files to a USB stick and…
…exploit this flaw. Askar said they notified GitHub one hour before disclosing the bug and noted that they chose immediate public disclosure due to a prior negative experience with Microsoft's security…
…exploited in the wild. More recently, in March, Oracle released an out-of-band security update to fix a critical unauthenticated remote code execution vulnerability (CVE-2026-21992) in Identity Manager and…
A newly published proof-of-concept (PoC) exploit has renewed attention on a Windows vulnerability that researchers say may not have been fully resolved despite an earlier security fix from Microsoft. The…
…Cybersecurity and Infrastructure Security Agency (CISA) tagged 91 Cisco vulnerabilities as actively exploited in the wild, six of which have been used by various ransomware operations. Test every layer before attackers do…
…Opus 4.6 is currently far better at identifying and fixing vulnerabilities than at exploiting them. This gives defenders the advantage. And with the recent release of Claude Code Security in limited…
I co-founded a successful security company close to the Mythos ecosystem and have spoken with participants in the know and I am deeply concerned. We, collectively, have answers for some but not all of the problems ahead …
Quick note from a scanning project I've been running. We hit 6,000 web apps with a payment-bypass probe last week, sending a minimal fake `checkout.session.completed` event to common webhook paths (`/api/webhook/stripe`,…
…It is unclear if Apple has already patched the exploit. Apple's security notes for the macOS 26.5 update released this week mention a fix for a kernel-level vulnerability, and…
…Ten WebKit vulnerabilities that could allow access to sensitive data or cause crashing were fixed. Other updates Apple released today also include multiple security fixes. For iPhone and iPad users unable to…
…internally and confirmed the severity,” explains Alexis Wales, GitHub chief information security officer. “This was a critical issue that required immediate action.” GitHub’s engineering team developed a fix and deployed it…