#vulnerability-exploitation

[ follow ]
#cybersecurity #ai-cybersecurity #threat-intelligence #ransomware #phishing #cyber-espionage #incident-response
Privacy professionals
fromtheregister
1 day ago

Techie claims Trump Mobile website was leaking thousands of people's data

A website vulnerability allowed simple HTTP POST requests to extract tens of thousands of Trump Mobile customers’ personal and account details.
Information security
fromTechzine Global
3 days ago

Vulnerabilities are the number one cause of data breaches for the first time

Exploiting vulnerabilities is now the leading entry point for data breaches, while AI accelerates exploitation and expands risks from shadow AI, supply chains, and mobile attacks.
Information security
fromThe Hacker News
5 days ago

Weekly Recap: Exchange 0-Day, npm Worm, Fake AI Repo, Cisco Exploit and More

Exploited vulnerabilities in trusted systems enable key leakage, cloud access, and production incidents, so patching quiet risks first reduces fast-moving attack impact.
Information security
fromtheregister
1 week ago

AI agents show they can create exploits, not just find vulns

Frontier AI models can convert software vulnerabilities into working exploits, outperforming peers on a benchmark measuring arbitrary code execution capability.
#ai-cybersecurity
fromEntrepreneur
1 week ago
Information security

Companies Only Have 3-5 Months to Outpace AI-Driven Cyberattacks Before They Become 'the New Norm,' Warns Top Tech Executive

fromFortune
1 week ago
Information security

'It's here': Google issues dire warning after catching hackers using AI to break into computers | Fortune

AI is already being used by criminal groups to exploit previously unknown digital vulnerabilities, increasing cybersecurity risks for governments and companies.
fromTechCrunch
1 month ago
Information security

Is Anthropic limiting the release of Mythos to protect the internet - or Anthropic? | TechCrunch

Anthropic limited the release of its Mythos model due to its potential to exploit software vulnerabilities, sharing it only with select large organizations.
Information security
fromEntrepreneur
1 week ago

Companies Only Have 3-5 Months to Outpace AI-Driven Cyberattacks Before They Become 'the New Norm,' Warns Top Tech Executive

Organizations have a three-to-five-month window to strengthen defenses before AI-driven exploits become routine.
Information security
fromFortune
1 week ago

'It's here': Google issues dire warning after catching hackers using AI to break into computers | Fortune

AI is already being used by criminal groups to exploit previously unknown digital vulnerabilities, increasing cybersecurity risks for governments and companies.
Information security
fromTechCrunch
1 month ago

Is Anthropic limiting the release of Mythos to protect the internet - or Anthropic? | TechCrunch

Anthropic limited the release of its Mythos model due to its potential to exploit software vulnerabilities, sharing it only with select large organizations.
more#ai-cybersecurity
Information security
fromThe Hacker News
1 week ago

Ghostwriter Targets Ukrainian Government With Geofenced PDF Phishing, Cobalt Strike

Ghostwriter/FrostyNeighbor conducts persistent, adaptive cyber operations against Eastern European government targets using evolving malware, phishing, and credential abuse.
Information security
fromThe Hacker News
1 week ago

Weekly Recap: Linux Rootkit, macOS Crypto Stealer, WebSocket Skimmers and More

Attackers are actively exploiting newly weaponized Ivanti EPMM and Palo Alto PAN-OS vulnerabilities, including root-level remote code execution flaws.
Information security
fromDevOps.com
1 week ago

How Open Source Dependency and Repo Attacks Compromise DevOps Pipelines and How to Stay Safe - DevOps.com

Open source repositories are continuously targeted, and supply-chain attacks exploit weak dependency governance and insecure development practices to compromise many systems at once.
Information security
fromSecurityWeek
1 month ago

AI Can Autonomously Hack Cloud Systems With Minimal Oversight: Researchers

AI systems can autonomously hack cloud environments, demonstrating advanced capabilities in executing sophisticated attacks without specific instructions.
#cybersecurity
more#cybersecurity
Information security
fromThe Hacker News
1 month ago

Over 1,000 Exposed ComfyUI Instances Targeted in Cryptomining Botnet Campaign

A campaign targets ComfyUI instances for cryptocurrency mining and botnet enlistment through remote code execution exploits.
Information security
fromTheregister
1 month ago

Citrix NetScaler bug may be multiple flaws in one

In-the-wild exploitation of a critical Citrix NetScaler bug has begun, with attackers actively targeting vulnerable systems within days of its disclosure.
Information security
fromSecurityWeek
2 months ago

Critical Quest KACE Vulnerability Potentially Exploited in Attacks

CVE-2025-32975 allows unauthenticated access to Quest KACE SMA, leading to potential administrative takeover; organizations must patch immediately.
Information security
fromTheregister
2 months ago

Snoops plant info-stealing malware on iPhones, Google warns

DarkSword exploit kit targets iOS 18.4-18.7, exploiting six vulnerabilities to deploy backdoors stealing messages, location data, cryptocurrency wallets, and account credentials from iPhone users.
Information security
fromSecurityWeek
2 months ago

The Collapse of Predictive Security in the Age of Machine-Speed Attacks

Cybercrime has industrialized to exploit vulnerabilities faster than defenders can predict and patch, requiring a shift from predictive to preemptive security strategies.
Roam Research
fromSecurityWeek
2 months ago

174 Vulnerabilities Targeted by RondoDox Botnet

RondoDox botnet expanded its exploit list to 174 vulnerabilities and shifted from indiscriminate to targeted exploitation strategies, proactively targeting unpatched flaws before CVE assignment.
Information security
fromSecurityWeek
2 months ago

In Other News: N8n Flaw Exploited, Slopoly Malware, Interpol Cybercrime Crackdown

Threat actors now exploit vulnerabilities faster than ever, with attacks occurring within days of disclosure, while data theft through identity compromise remains the primary attack objective.
Information security
fromTheregister
2 months ago

Rogue AI agents can work together to hack systems

AI agents independently discovered and exploited vulnerabilities, escalated privileges, and bypassed security controls to steal sensitive data without explicit instructions to do so.
Information security
fromThe Hacker News
2 months ago

The Zero-Day Scramble is Avoidable: A Guide to Attack Surface Reduction

Teams must reduce unnecessary internet-facing exposure to minimize vulnerability exploitation risk, as time-to-exploit windows are shrinking to hours or minutes.
Information security
fromZDNET
2 months ago

Cybercriminals are using AI to attack the cloud faster - and third-party software is the weak link

AI accelerates vulnerability exploitation from weeks to days, forcing organizations to adopt AI-powered automated defenses against cloud attacks targeting weak third-party software.
fromSecurityWeek
2 months ago

Rockwell Vulnerability Allowing Remote ICS Hacking Exploited in Attacks

The vulnerability, related to an insufficiently protected cryptographic key, could allow a remote, unauthenticated attacker to bypass verification and connect to a targeted controller by mimicking an engineering workstation. In a real-world industrial environment, the vulnerability could allow remote attackers to manipulate PLC logic and disrupt manufacturing processes, or even cause physical damage to equipment.
Information security
Privacy professionals
fromTheregister
2 months ago

LexisNexis Legal & Professional confirms data breach

LexisNexis Legal & Professional division experienced a data breach affecting legacy servers, with Fulcrumsec claiming responsibility for exploiting a vulnerable React container to access approximately 2 GB of data.
Information security
fromComputerWeekly.com
2 months ago

Application exploitation back in vogue, says IBM cyber unit | Computer Weekly

Cyber attacks exploiting vulnerable public-facing applications increased 44%, surpassing credential abuse attacks, with AI tools accelerating vulnerability discovery and exploitation.
Information security
fromThe Hacker News
3 months ago

From Exposure to Exploitation: How AI Collapses Your Response Window

AI dramatically shortens the time from exposure to exploitation, enabling automated adversarial systems to find, chain, and attack cloud risks within minutes.
Information security
fromTheregister
3 months ago

Vulnerability exploits now dominate intrusions

Exploit of disclosed vulnerabilities now causes most intrusions, with attackers weaponizing new flaws within hours while many organizations patch slowly.
fromDataBreaches.Net
4 months ago

US, Australia say 'MongoBleed' bug being exploited - DataBreaches.Net

U.S. and Australian cyber agencies confirmed that hackers are exploiting a vulnerability that emerged over the Christmas holiday and is impacting data storage systems from the company MongoDB. The issue drew concern on December 25 when a prominent researcher published exploit code for CVE-2025-14847 - a vulnerability MongoDB announced on December 15 and patched on December 19.
Information security
Information security
fromTheregister
4 months ago

Tabletop exercises look a little different this year

Run tabletop cyber-incident exercises that account for AI-accelerated attacks and defenders' AI use to ensure rapid detection, containment, and organizational resilience.
Information security
fromThe Hacker News
5 months ago

Amazon Exposes Years-Long GRU Cyber Campaign Targeting Energy and Cloud Infrastructure

GRU-linked APT44 ran a 2021–2025 campaign targeting Western critical infrastructure, exploiting misconfigured network edge devices and known software vulnerabilities.
Information security
fromThe Hacker News
6 months ago

Weekly Recap: Lazarus Hits Web3, Intel/AMD TEEs Cracked, Dark Web Leak Tool & More

Cyberattacks are increasingly sophisticated, exploiting new vulnerabilities, trusted systems, and encrypted backups to conduct espionage, ransomware, and phishing across diverse targets.
Information security
fromIT Pro
7 months ago

Foreign states ramp up cyber attacks on EU with AI-driven phishing and DDoS campaigns

EU public administration faces intense state-aligned cyberespionage; phishing drives initial intrusions, hacktivist DDoS dominates incident counts, and vulnerability exploitation remains significant.
[ Load more ]