Latest IntelligenceVulnerabilitiesPage 9
Search by keyword →
Crimenetwork Takedown Exposes 22,000 Users and Over 100 Illegal Sellers
In a massive, internationally coordinated operation, the Frankfurt am Main Public Prosecutor’s Office – Central Office for Combating Internet Crime (ZIT) ...
Google Detects First AI-Generated Zero-Day Exploit
The zero-day was designed to bypass 2FA and it was developed by a prominent cybercrime group. The post Google Detects First AI-Generated Zero-Day Exploit appear...
Google: Hackers used AI to develop zero-day exploit for web admin tool
Researchers at Google Threat Intelligence Group (GTIG) say that a zero-day exploit targeting a popular open-source web administration tool was likely generated ...
Hackers Use AI for Exploit Development, Attack Automation
Cyber adversaries have long used AI, but now attackers are using large language models to develop exploits and orchestrate complex attacks....
Skoda Data Breach Hits Online Shop Customers
Using a vulnerability in the portal, hackers accessed names, addresses, email addresses, and phone numbers. The post Skoda Data Breach Hits Online Shop Customer...
Instructure confirms Canvas user data exposed in cyberattack
Instructure has confirmed that attackers gained unauthorized access to parts of its environment and exploited a vulnerability tied to the company’s Free for Tea...
New ‘Dirty Frag’ Linux Vulnerability Possibly Exploited in Attacks
Also called Copy Fail 2 and tracked as CVE-2026-43284 and CVE-2026-43500, the exploit was disclosed before a patch was released. The post New ‘Dirty Frag&...
New cPanel and WHM Flaws Enable Code Execution, DoS Attacks
cPanel has disclosed three critical security vulnerabilities tracked as CVE-2026-29201, CVE-2026-29202, and CVE-2026-29203 affecting its widely deployed cPanel ...
Critical Microsoft 365 Copilot Vulnerabilities Expose sensitive Information
Microsoft has disclosed and fully remediated three critical information disclosure vulnerabilities affecting Microsoft 365 Copilot and Copilot Chat in Microsoft...
Škoda Security Incident Exposes Customers Data From Online Shop
Škoda Auto has disclosed a significant IT security incident affecting its official online shop, revealing that unauthorized individuals exploited a vulnerabilit...
Apple and Meta warn Canada’s Bill C-22 forces encryption backdoors
Apple and Meta are publicly opposing portions of Canada’s proposed lawful access legislation, warning that Bill C-22 could weaken encryption protections, introd...
CISA gives feds four days to patch Ivanti flaw exploited as zero-day
CISA has given U.S. federal agencies four days to secure their networks against a high-severity vulnerability in Ivanti Endpoint Manager Mobile (EPMM) exploited...
DarkMoon AI-Powered Autonomous Penetration Testing Platform With 50+ Tools
A new open-source cybersecurity platform called DarkMoon has emerged as a significant advancement in autonomous penetration testing. It provides security teams ...
Mozilla Patches 423 Firefox Vulnerabilities with Claude Mythos and Other AI Models
Mozilla has fixed a total of 423 Firefox security bugs in April 2026 alone, a figure nearly 20 times higher than its monthly average of about 21 bugs throughout...
Mozilla Patches 423 Firefox 0-Day Vulnerabilities with Claude Mythos and Other AI Models
Mozilla has fixed a total of 423 Firefox security bugs in April 2026 alone, a figure nearly 20 times higher than its monthly average of about 21 bugs throughout...
New Linux 'Dirty Frag' zero-day gives root on all major distros
A new Linux zero-day vulnerability, named Dirty Frag, allows local attackers to gain root privileges on most major Linux distributions with a single command. [....
Vulnerability in Claude Extension for Chrome Exposes AI Agent to Takeover
Lax extension permissions and improper trust implementation allow attackers to inject prompts in the Claude Chrome extension. The post Vulnerability in Claude E...
Ivanti Patches EPMM Zero-Day Exploited in Targeted Attacks
CVE-2026-6973 is a high-severity vulnerability that allows an attacker who has admin privileges to execute arbitrary code. The post Ivanti Patches EPMM Zero-Day...
Dirty Frag Linux Vulnerability Let Attackers Gain Root Privileges – PoC Released
Dirty Frag is a newly disclosed, CVE-pending Linux kernel local privilege escalation (LPE) vulnerability that chains two separate page-cache write flaws, the xf...
Multiple Critical Vulnerabilities Patched in Next.js and React Server Components
Vercel has released an extensive set of security advisories for Next.js, addressing more than a dozen vulnerabilities, including denial-of-service, middleware b...