News

SecurityWeek
securityweek.com > exploitation-of-copy-fail-linux-vulnerability-begins

Exploitation of "Copy Fail" Linux Vulnerability Begins

1+ hour, 10+ min ago (482+ words) CISA has added the bug to its KEV list, and Microsoft has observed limited exploitation, mainly associated with PoC testing. Threat actors are exploiting a recently disclosed Linux kernel vulnerability leading to root shell access, the US cybersecurity agency…

SecurityWeek
securityweek.com > openai-rolls-out-advanced-security-for-chatgpt-accounts

OpenAI Rolls Out Advanced Security for ChatGPT Accounts

2+ hour, 23+ min ago (468+ words) OpenAI has announced a new account security feature for ChatGPT users at increased risk of targeted hacking attacks, and those who want extra account protection. Named Advanced Account Security, the new opt-in feature is recommended for journalists, researchers,…

SecurityWeek
securityweek.com > over-40000-servers-compromised-in-ongoing-cpanel-exploitation

Over 40,000 Servers Compromised in Ongoing cPanel Exploitation

3+ hour, 28+ min ago (484+ words) The attacks likely target CVE-2026-41940, a recently patched zero-day leading to administrative access. More than 40,000 servers have likely been compromised as attackers ramp up exploitation of a recently patched cPanel zero-day. As part of the ongoing campaign, non-profit organization…

SecurityWeek
securityweek.com > new-bluekit-phishing-kit-features-ai-assistant

New Bluekit Phishing Kit Features AI Assistant

2+ day, 1+ hour ago (552+ words) Still under development, Bluekit provides users with automated domain registration and an AI Assistant. A recently discovered phishing kit provides miscreants with a broad range of capabilities, including an AI assistant and automated domain registration, Varonis reports. Dubbed Bluekit, it…

SecurityWeek
securityweek.com > in-other-news-scattered-spider-hacker-arrested-soc-effectiveness-metrics-nsa-tool-vulnerability > amp

In Other News: Scattered Spider Hacker Arrested, SOC Effectiveness Metrics, NSA Tool Vulnerability

2+ day, 20+ hour ago (331+ words) Other noteworthy stories that might have slipped under the radar: OFAC hits Iranian central bank crypto reserves, ADT data leak, CISA guidance for zero trust in OT. Here are this week's highlights: OFAC hits Iranian central bank crypto reserves US…

SecurityWeek
securityweek.com > google-adjusts-bug-bounties-chrome-payouts-drop-as-android-rewards-rise-amid-ai-surge

Google Adjusts Bug Bounties: Chrome Payouts Drop as Android Rewards Rise Amid AI Surge

2+ day, 21+ hour ago (683+ words) The maximum reward for a zero-click Pixel Titan M exploit with persistence has increased to $1.5 million. Google has overhauled its Vulnerability Reward Programs (VRP) for Chrome and Android in response to a surge in the use of AI tools for…

SecurityWeek
securityweek.com > hugging-face-clawhub-abused-for-malware-distribution

Hugging Face, ClawHub Abused for Malware Distribution

3+ day, 3+ hour ago (617+ words) Threat actors are relying on social engineering to lure users into downloading files containing malicious instructions. Threat actors are using trojanized shared files to distribute malware via AI distribution platforms such as Hugging Face and ClawHub, Acronis reports. The…

SecurityWeek
securityweek.com > 1800-hit-in-mini-shai-hulud-attack-on-sap-lightning-intercom

1,800 Hit in Mini Shai-Hulud Attack on SAP, Lightning, Intercom

3+ day, 4+ hour ago (560+ words) The compromised Lightning and Intercom packages have a combined monthly download count of nearly 10 million. Over 1,800 developers were affected by the Mini Shai-Hulud supply chain attack that hit the PyPI, NPM, and PHP ecosystems over the past two days. …

SecurityWeek
securityweek.com > the-behavioral-shift-why-trusted-relationships-are-the-newest-attack-surface

The Behavioral Shift: Why Trusted Relationships Are the Newest Attack Surface

1+ week, 4+ day ago (580+ words) New analysis from Abnormal AI reveals how attackers have abandoned technical exploits to weaponize routine workflows and internal trust. You can no longer recognize a phishing email by simply counting the typos. And you will get caught if you simply…

SecurityWeek
securityweek.com > anthropic-unveils-claude-security-to-counter-ai-powered-exploit-surge

Anthropic Unveils Claude Security to Counter AI-Powered Exploit Surge

3+ day, 16+ hour ago (606+ words) With Mythos signaling a new era of near-instant exploitation, Anthropic positions Claude Security to help defenders keep pace. Mythos in the hands of attackers threatens a storm beyond the power of security teams to weather. Claude Security is designed to…