Adobe Attacks Underway—Windows And Mac Users Given 72 Hours To Update

Adobe Acrobat and Reader users are under attack from hackers using a zero-day vulnerability. Update within 72 hours, Adobe ...

Microsoft Confirms New And Widespread 2FA Code Attacks Ongoing

The Microsoft Defender Security Research Team has confirmed that a pervasive new authentication code attack is compromising ...
Microsoft

Inside an AI‑enabled device code phishing campaign

A new wave of device code phishing shows how threat actors are scaling account compromise using AI and end‑to‑end automation.
Security Boulevard

Fuzzing to Zero-Day: Pwning V8CTF With TurboFan Type Confusion, CVE-2025-2135

The bug was assigned CVE-2025-2135, and we successfully used it to pwn Google’s V8CTF as a zero-day. The root cause lies in TurboFan’s InferMapsUnsafe() function, which fails to handle aliasing when ...
Infosecurity-magazine.com

Security Researchers Sound the Alarm on Vulnerabilities in AI-Generated Code

Vibe coding tools like Anthropic's Claude Code are flooding software with new vulnerabilities, Georgia Tech researchers have warned. At least 35 new common vulnerabilities and exposures (CVE) entries ...
Network World

Telnet vulnerability opens door to remote code execution as root

A critical Telnet vulnerability with a CVSS rating of 9.8 enables attackers to take full control of affected systems before authentication even kicks in, security researchers at Dream Security have ...
Ars Technica

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...
Direct Marketing News

Grocery chains are using dynamic pricing algorithms that charge more in lower-income zip codes and researchers say most shoppers have no idea it’s happening

To learn more about our editorial approach, explore The Direct Message methodology. I grew up in a house where grocery shopping was strategy. My mom knew which store had cheaper produce, which one ran ...
CNBC

Cybersecurity stocks drop for a second day as new Anthropic tool fuels AI disruption fears

Cybersecurity stocks dropped for a second day as the threat of AI loomed large with Anthropic's latest AI tool that can scan code for vulnerabilities. Investors are worried new artificial intelligence ...
CoinTelegraph

Moonwell hit by $1.78M exploit as AI vibe coding debate reaches DeFi

The exploit saw the Moonwell protocol exploited for $1.78 million after cbETH was mispriced at $1.12 instead of about $2,200, intensifying debate around AI-co-authored smart contracts. Moonwell, a ...
TechRepublic

Chrome Vulnerabilities Allow Code Execution, Browser Crashes

Google has released a Chrome security update addressing two high-severity vulnerabilities that could allow attackers to execute arbitrary code or cause browser crashes. The issues affect core browser ...
Diginomica

How the Vulnerability Registration Service is using Pega to help organizations better support vulnerable customers

When vulnerable individuals interact with financial services, utilities, or government agencies, they often face an exhausting cycle of repeatedly disclosing their circumstances - explaining their ...