I Built an AI Cybersecurity Research Factory (for CTFs & Vulnerabilities)
This Linux Bug Gives Attackers Root
KDE gets €1M, 3 big vulnerabilities for Linux, EU privacy disaster brewing - Linux Weekly News
Before You Trust Another Self-Hosted App, Watch This
AI Is Hacking Everything Now...
Reinventing Web Security
The Supply Chain Attacks All Have One Thing in Common. It's GitHub.
Security-driven Rapid Release - Pwn2Own Documentary (Part 4)
A Vulnerability to Hack The World - CVE-2023-4863
Mythos unleashed on Opensource
Linux Weekly News: AI invades Kwin, Lutris & AMD drivers, SUSE could be sold
An initiative to secure the world's software | Project Glasswing
…Microsoft describes this security flaw (CVE-2026-42897) as a spoofing vulnerability affecting up-to-date Exchange Server 2016, Exchange Server 2019, and Exchange Server Subscription Edition (SE) software. While patches aren…
Devops Using AI to code does not mean your code is more secure Use of AI coding assistants has surged, but so has the number of vulnerabilities in AI-generated code As…
…Announced today on the open-source security mailing list by V12 Security is Fragnesia as a local privilege escalation exploit that is of the same vulnerability class as Dirty Frag. Fragnesia centers…
…CodeMender helps solve this problem by taking a comprehensive approach to code security that’s both reactive, instantly patching new vulnerabilities, and proactive, rewriting and securing existing code and eliminating entire classes…
Another Linux vulnerability in the same category as Dirty Frag has been found! Another eight of these more I guess? In any case the fatigue is coming up for me. Things are getting crazy! "It abuses a logic bug in the Lin…
Security fixes This release contains security fixes for the following advisories. We strongly advice to update as soon as possible. SSO Login CSRF - GHSA-pfp2-jhgq-6hg5, GHSA-w6h6-8r66-hcv7 User/Organization Enumeration …
If Firefox is any indication, the new AI discovers two years' worth of vulnerabilities in a short period of time. Firefox seems to be an early adopter of this technology, but we should see a huge flux of newly discovered…
CopyFail just dropped, it's a new Linux kernel vulnerability that gives attackers root privileges. https://arstechnica.com/security/2026/04/as-the-most-severe-linux-threat-in-years-surfaces-the-world-scrambles/ Debian ha…
This is part of the dirtyfrag family, but is different enough to warrant its own CVE. https://www.bleepingcomputer.com/news/security/new-fragnesia-linux-flaw-lets-attackers-gain-root-privileges/ Known as Fragnasia and tr…
…Such vulnerabilities are particularly concerning in shared workstation or server environments where ordinary users could potentially escalate privileges beyond intended limits. The disclosures continue a recent series of Windows security issues published…
…The vulnerability, named PinTheft by the V12 security team and still waiting to be assigned a CVE ID for easier tracking, exists in the Linux kernel's RDS (Reliable Datagram Sockets) and…
…on X to stay in the loop and be sure to check out the Security Engineering blog, which covers topics ranging from VRP updates to security practices and vulnerability descriptions! POSTED IN:
…CVE CVSS CWE Dependabot EPSS GitHub Security Lab malware vulnerability Written by Security Analyst, curator of the GitHub Advisory Database, and one of the members of the Security Lab responsible for issuing…
…A 2022 vulnerability named Dirty Pipe also stemmed from flaws that allow attackers to overwrite page caches. Researchers from security firm Automox wrote : Dirty Frag belongs to the same bug family as…
…CVE-2012-1854 , an insecure library loading vulnerability in Microsoft Visual Basic for Applications that allows RCE. Microsoft pushed a security fix for this one in July 2012, and then a second…