The Hacker News

Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week

Attackers are exploiting three Fortinet FortiSandbox flaws, including one patched last week, risking auth bypass and command ...

Apple's A12 and A13 Chips Facing New Unpatchable Exploit

Security research firm Paradigm Shift today published details of a new BootROM vulnerability affecting Apple's A12 and A13 ...

The first unpatchable iPhone exploit in six years targets chips still running Apple's latest iOS

Security researchers at Paradigm Shift have published the first iPhone bootROM exploit in years. The process, called ...
SecurityWeek

Critical Command Execution Vulnerability Patched in Cisco ISE

Cisco has patched a critical-severity ISE and ISE-PIC vulnerability that could allow attackers to gain root access to the ...

Critical Copilot vulnerability allowed hackers to steal 2FA code from users

Last Tuesday, Microsoft patched a vulnerability it rated as max critical in its M365 Copilot AI platform. On Monday, the ...

New unpatchable exploit targets Apple devices with A12 and A13 chips

Researchers at Paradigm Shift have published the technical details of usbliter8, a new unpatchable iPhone BootROM ...
SecurityWeek

‘GreatXML’ Zero-Day Exploit Bypasses BitLocker

GreatXML, a new Windows BitLocker bypass exploit, targets a zero-day vulnerability in Microsoft Defender’s offline scan.
The Hacker News

Microsoft Confirms RoguePlanet Defender Zero-Day, Says Patch is in Development

Microsoft is preparing a patch for RoguePlanet, a Defender flaw tracked as CVE-2026-50656 that can enable privilege ...

Attacks on FortiSandbox vulnerabilities

Vulnerabilities in FortiSandbox are currently targeted by internet attacks. Patches to secure them have been available since ...

Aztec hit by second $2.1M exploit in less than week: SlowMist

Deprecated Aztec infrastructure has suffered a second exploit within days, adding to concerns about the security of abandoned smart contract infrastructure. Aztec’s private rollup bridge was exploited ...

Anthropic Research Shows Mythos Model Built Working Exploits For Newly Disclosed Software Flaws In Hours

New research shows that the time required to convert flaws into working exploits has narrowed significantly with Anthropic's ...
Infosecurity-magazine.com

Vulnerability Exploit Assessment Tool EPSS Exposed to Adversarial Attack

In a new proof-of-concept, endpoint security provider Morphisec showed that the Exploit Prediction Scoring System (EPSS), one of the most widely used frameworks for assessing vulnerability exploits, ...