Hackers are learning to exploit chatbot ‘personalities’
…security worker, a group for whom technical skills are optional, or at least less important than social intuition. No longer do they need to inspect code to break into systems or exploit…
…A PoC exploit is demonstration code that shows a vulnerability can be exploited. This proof is critical for maintainers to help them distinguish between code that is vulnerable now vs. code that…
…probably exploit. Human security engineers still reviewed the findings, validated risk levels, and designed fixes, but the AI mainly accelerated the process and pattern matching across a very large codebase. Anthropic's…
…Now, Apple has published the security content for the updates, confirming that they address kernel and WebKit vulnerabilities associated with the Coruna exploit, and that they fix it on “devices that cannot…
This is something that has been bouncing around my head for the past couple weeks with the flood of security related news around Mythos and the number of 0days being found. Microkernels, unikernels, hardware-enforced capa…
For over a decade, I’ve been doing bug bounty, security audits, and security consulting. And if there’s one thing I’ve seen repeatedly, it’s this: Most startups call a security engineer or hire a security agency only when…
The traditional vulnerability disclosure timeline relies on a fundamental assumption: exploit development and vulnerability discovery take time. Over the last 12 months the integration of LLMs into offensive tooling has …
I've been running a small fleet of honeypots for about a year. They get hit by a mix of research scanners (Censys, Shadowserver, etc.), old worms, and a bump of CVE probes the day a new Nuclei template ships. The data wa…
…and code execution. Also blocks arbitrary file deletion and read-access exploits in host and system-helper contexts. Update Flatpak now (or wait for OS updates) to protect privacy and security. One…
…The tech giant indicated that publishing the unpatched bugs along with code to exploit them placed customers across its ecosystem at risk. The company initially threatened legal action against the security researcher…
…and is trivial to exploit with a single HTTP request. It impacts phpBB versions 4.0.0-a2 or 3.3.16 and below. Researchers at application security company Aikido found the…
…As shown in the Telegram video, a hacker simply asked Meta’s support chatbot, “Just link to my new mail address i send code for you [hacker_email]@gmail.com.” From there…
…The flaw was reported by security researcher Lyra Rebane and acknowledged as valid in December 2022, as per the thread on Chromium Issue Tracker. An attacker could exploit the problem to create…
CSO Lightning-fast exploits make it essential to patch fast, ask questions later Here's where you ought to spend your security billable hours budget this year Strengthen your MFA policies, double…