Security News
114 posts

IonStack You tap one link, and root is already running on your Android 17 phone. You never download a file or approve a permission box because the page does the …
You are completely anonymous and think no one can trace you. But Windows put a permanent number on your machine, it never turns off, and that number is where …

TrojPix pulled a file off a computer that connects to nothing. 8.1 megabits a second. 208 meters away. Straight through a 30 cm concrete wall. It went out over …

JADEPUFFER is the first documented ransomware operation run by an AI agent. The agent broke in, stole credentials, jumped to a second target, encrypted a …

Millions of devices read an SD card with one small piece of code called FatFs, and researchers just found seven ways to break it. The worst one hands the whole …

Your AI assistant just sent you to a login page that did not exist a few weeks ago, and the person who registered it is already collecting the passwords people …

You unzipped a file with WinRAR, the way you always do. Nothing on screen looked wrong. The next morning you logged in and malware was already running, and the …

A Docker container on a Gitea build runner can break out to root on the host, the setting built to stop that does nothing, and there is no patch yet. CVSS 9.9. …

A flaw in the Linux kernel called pedit COW lets a regular, unprivileged user rewrite /bin/su in memory and become root, while the copy on disk never changes …

Google told a security researcher his bug was a nice catch, lined up his payout, then eleven days later called it harmless and refused to pay a cent. The flaw …

usbliter8 takes control of the iPhone XS and iPhone 11 before iOS even loads, and no update Apple ships can ever close it. The flaw lives in the SecureROM, the …

FortiBleed Fortinet credential leak. Attackers can log into more than 80,000 corporate firewalls right now, and on 2,645 of them the password was 123456. The …

A 27-year-old flaw in OpenBSD let attackers bypass its PPP login with nothing more than an empty username and an empty password. Hand a vulnerable system a …

1.2 million WordPress sites were caught in a supply chain attack last week, where the admin’s own login quietly created a secret account and planted a …

More than 400 packages in the Arch User Repository (AUR) were hijacked this week, and the attacker never broke into a single system to do it. They took over …

Nightmare-Eclipse is back again, this time with a BitLocker bypass called GreatXML that runs straight through Microsoft’s own antivirus. On a Windows …

GitHub disabled 73 of Microsoft’s own repositories in 105 seconds, after a worm called Miasma planted a credential stealer inside Microsoft’s Azure …

Nightmare-Eclipse is back, with a new exploit called RoguePlanet. Windows 10 and 11 have a new zero-day that lets a user with no rights take complete control of …

One extra character in the Linux kernel hands a normal user root. A single ! that does not belong inside nftables, the firewall built into Debian and Ubuntu by …

Internet Explorer can still take over a fully patched Windows machine, years after Microsoft retired it in 2022. The code that ran it was never removed from …

A single visit to one website can quietly turn your browser into part of a botnet, and the working code to do it is now still sitting out in the open. It …

Your phone, your TV, your router, anything in your home with an internet connection can be put to work crawling the web for the AI industry, and nothing on the …

A new exploit called HTTP/2 Bomb lets one ordinary home computer take down nginx, Apache, Microsoft IIS, Envoy and Cloudflare Pingora, the web servers behind a …

Hackers took over some of the most valuable accounts on Instagram over the weekend by asking Meta’s own AI support bot to hand them the keys, and it …

Six working Windows attacks are sitting in the open right now, three of them already seen in a real intrusion, and the researcher who published them did it …

FROST lets a website time your SSD and see which sites and apps you have open, even ones running in a different browser. It needs no malware and nothing to …

BadHost is one character in an HTTP header that bypasses authentication on FastAPI, vLLM, LiteLLM, and the Python MCP SDK. They all run on Starlette. Starlette …

A SQL injection vulnerability in Ghost CMS has turned Harvard University, Oxford University, and DuckDuckGo into malware distribution platforms. Visitors arrive …

Google tells you the key is gone. It keeps working for 23 more minutes. When you delete a Google API key, a dialog appears that says the following: “Once …

GhostTree makes Windows Defender stop scanning. Two lines of code, no admin rights, and malware sitting right next to it goes completely undetected. A Varonis …