Weekly cybersecurity recap covering critical CVEs, AI automation exploits, mobile botnets, telecom espionage, phishing ...

CrowdStrike's 2025 data shows attackers breach AI systems in 51 seconds. Field CISOs reveal how inference security platforms ...

In its writeup, BleepingComputer confirms that there are roughly 87,000 potentially vulnerable instances exposed on the ...

Windows doesn’t offer a single switch to disable Exploit Protection completely. You can only disable individual mitigations system-wide or per app. We strongly recommend turning it off only for ...

Pixnapping could be used to steal private data, including 2FA codes. Side-channel attack abuses Google Android APIs to steal data on display. Flaw is partially patched, although a more complete fix is ...

Oracle has silently fixed an Oracle E-Business Suite vulnerability (CVE-2025-61884) that was actively exploited to breach servers, with a proof-of-concept exploit publicly leaked by the ShinyHunters ...

Unity has fixes ready to go, and Valve has released an updated version of Steam, too. Unity has fixes ready to go, and Valve has released an updated version of Steam, too. is a senior reporter ...

A hacker has pulled off one of the most alarming AI-powered cyberattacks ever documented. According to Anthropic, the company behind Claude, a hacker used its artificial intelligence chatbot to ...

SonicOS contains a stack-based buffer overflow caused by crafted HTTP requests, letting remote unauthenticated attackers cause denial of service or potentially execute arbitrary code, exploit requires ...

Apple patched a zero-click vulnerability that allowed sophisticated attackers to compromise devices and could have led to cryptocurrency theft; it urged immediate updates. Apple is urging users to ...

Google Chrome < 86.0.4240.111 contains a heap buffer overflow caused by heap corruption in Freetype, letting remote attackers potentially execute arbitrary code via crafted HTML, exploit requires ...