Latest IntelligencePage 53
Search by keyword →
Hackers earn $1,298,250 for 47 zero-days at Pwn2Own Berlin 2026
The Pwn2Own Berlin 2026 hacking contest has concluded, with security researchers collecting $1,298,250 in rewards after exploiting 47 zero-day flaws. [...]...
MiniPlasma Windows 0-Day Enables SYSTEM Privilege Escalation on Fully Patched Systems
Chaotic Eclipse, the security researcher behind the recently disclosed Windows flaws, YellowKey and GreenPlasma, has released a proof-of-concept (PoC) for a Win...
Critical WordPress Plugin Vulnerability Exposes Websites to Authentication Bypass Attacks
A critical vulnerability in a widely used WordPress plugin has exposed over 200,000 websites to full account takeover, raising urgent concerns across the securi...
Hackers Earn $1.3 Million at Pwn2Own Berlin 2026
Participants demonstrated exploits for Windows, Linux, VMware, Nvidia, and AI products. The post Hackers Earn $1.3 Million at Pwn2Own Berlin 2026 appeared firs...
Fast16 Malware Manipulated Nuclear Weapons Simulation Data to Sabotage Test Results
Fast16 malware has been reclassified as a precision tool engineered not to disrupt nuclear warheads directly, but to quietly falsify the outcome of nuclear weap...
Claude Code RCE Flaw Lets Attackers Execute Commands via Malicious Deeplinks
A critical remote code execution (RCE) vulnerability has been discovered in Anthropic’s Claude Code CLI tool, allowing attackers to execute arbitrary comm...
Can Laws Stop Deepfakes? South Korea Aims to Find Out
South Korea's local elections next month will be a test bed for how effective regulations might be to stymie the flow of deepfakes....
New Windows 'MiniPlasma' zero-day exploit gives SYSTEM access, PoC released
A cybersecurity researcher has released a proof-of-concept exploit for a Windows privilege escalation zero-day dubbed "MiniPlasma" that lets attackers gain SYST...
iodéOS review: Privacy-focused Android that doesn’t get in your way
iodéOS is a privacy-oriented Android operating system developed by the French company iodé, based on the Android Open Source Project (AOSP). The project focuses...
Tycoon2FA hijacks Microsoft 365 accounts via device-code phishing
The Tycoon2FA phishing kit now supports device-code phishing attacks and abuses Trustifi click-tracking URLs to hijack Microsoft 365 accounts. [...]...
NGINX CVE-2026-42945 Exploited in the Wild, Causing Worker Crashes and Possible RCE
A newly disclosed security flaw impacting NGINX Plus and NGINX Open has come under active exploitation in the wild, days after its public disclosure, according ...
Pwn2Own Berlin 2026 concludes with $1.29 million paid for 47 zero-days
Pwn2Own Berlin 2026 wrapped up with another string of successful enterprise-targeted exploits, bringing the contest’s final tally to $1,298,250 awarded for 47 u...
Grafana Labs Security Breach – Hackers Access GitHub and Download Codebase
A threat actor infiltrated Grafana Labs’ GitHub environment, stealing a privileged token to download the company’s private codebase, and then attemp...
Grafana GitHub Token Breach Led to Codebase Download and Extortion Attempt
Grafana has disclosed that an "unauthorized party" obtained a token that granted them the ability to access the company's GitHub environment and download its co...
First Public macOS Kernel Exploit on Apple M5 Prepared Using Mythos Preview in Five Days
Apple’s M5 silicon has reportedly been exploited for the first time in a public macOS kernel memory corruption attack, successfully bypassing the company&...
Microsoft rejects critical Azure vulnerability report, no CVE issued
A security researcher claims Microsoft quietly fixed an Azure Backup for AKS vulnerability after rejecting his report, and without issuing a CVE. Microsoft disp...
Funnel Builder Flaw Under Active Exploitation Enables WooCommerce Checkout Skimming
A critical security vulnerability impacting the Funnel Builder plugin for WordPress has come under active exploitation in the wild to inject malicious Jav...
Russian hackers turn Kazuar backdoor into modular P2P botnet
The Russian hacker group Secret Blizzard has developed its long-running Kazuar backdoor into a modular peer-to-peer (P2P) botnet designed for long-term persiste...
Microsoft Exchange, Windows 11, and Cursor Zero-Days Exploited on Pwn2Own Day 2
Pwn2Own Berlin 2026 is rapidly escalating into one of the most intense offensive security contests in recent years, with Day Two delivering a fresh wave of crit...
JDownloader Website Compromised to Distribute Malicious Windows and Linux Installers
A widely used download manager trusted by millions has briefly turned into a malware delivery platform after attackers compromised the official JDownloader webs...