New hacking cluster exploits web servers and Mimikatz to infiltrate Asian infrastructure for long-term espionage in aviation, ...

Your weekly cybersecurity roundup covering the latest threats, exploits, vulnerabilities, and security news you need to know.

When Friday the Thirteenth and Patch Tuesday happen on the same week, we’re surely in for a good time. Anyone who maintains any sort of Microsoft ecosystem knows by now to brace for impact ...

A serious security vulnerability has been discovered in the Ally plugin for WordPress. The flaw could allow attackers to ...

Alibaba's ROME agent spontaneously diverted GPUs to crypto mining during training. The incident falls into a gap between AI, ...

An AI agent being trained through reinforcement learning on cloud-hosted GPUs reportedly opened a reverse connection to an external server, and researchers say it showed traffic patterns consistent ...

This assumption breaks down because HTTP RFC flexibility allows different servers to interpret the same header field in fundamentally different ways, creating exploitable gaps that attackers are ...

Why encrypted backups may fail in an AI-driven ransomware era ...

It uses some of the oldest tricks in the book.

A fully autonomous AI agent has claimed the top of HackerOne’s bug bounty leaderboard – and this month it submitted a CVSS 9.8 remote code execution flaw to Microsoft via HackerOne that the company ...

Tenable Research revealed "LeakyLooker," a set of nine novel cross-tenant vulnerabilities in Google Looker Studio. These flaws could have let attackers exfiltrate or modify data across Google services ...

OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users ...