Aggregated from vendor advisories, security research, and industry publications.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a recently disclosed security flaw impacting various Linux distributions to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerability, tracked as CVE-2026-31431 (CVSS score: 7.8), is a case of local privilege escalation (LPE) flaw that could allow an
Article URL: https://www.bbc.com/news/articles/cvgzk91leweo Comments URL: https://news.ycombinator.com/item?id=47992338 Points: 163 # Comments: 101
A new disclosed cPanel flaw tracked as CVE-2026-41940 is being mass-exploited to breach websites and encrypt data in "Sorry" ransomware attacks. [...]
A new attack type, dubbed ConsentFix v3, has been circulating on hacker forums, building on the previous technique by adding automation and scaling potential. [...]
Take those token limits and shove them by vibe coding with a local LLM With model devs pushing more aggressive rate limits, raising prices, or even abandoning subscriptions for usa…
Still under development, Bluekit provides users with automated domain registration and an AI Assistant. The post New Bluekit Phishing Kit Features AI Assistant appeared first on Se…
Agency insists everything is working fine, even though users spend days failing to load it The DVSA's driving test booking system has spent the week offline, according to frustrate…
Britain's cyber agency says the bill for years of technical shortcuts is coming due, and it's arriving all at once Britain's cyber agency is warning that AI-fuelled bug hunting is …
Cybersecurity company Trellix has announced that it suffered a breach that enabled unauthorized access to a "portion" of its source code. It said it "recently identified" the compr…
Microsoft has confirmed that Windows 11 is getting a new modern Run dialog with dark mode support and faster performance in a new preview build. [...]
Instructure, the company behind the widely used Canvas learning platform, has disclosed that it recently suffered a cybersecurity incident and is now investigating its impact. [...…
CEO Mike Cannon-Brookes touts 'largest ever quarter for competitive displacements' The chase is on. Atlassian reported its largest-ever quarter for taking share from a major IT ser…
North Korean threat actors are pulling off historic cryptocurrency heists on a yearly, sometimes weekly basis now. AI might be helping them.
Extreme Networks is relying heavily on a number of key technologies—including its network fabric and cloud management portfolios to build toward the future—but more immediately, it…
Dijkstra’s algorithm is the foundation of shortest path calculations for link state routing protocols. But researchers have developed a new algorithm that improves on this decades-…
A newly discovered Vietnamese-linked operation has been observed using a Google AppSheet as a "phishing relay" to distribute phishing emails with an aim to compromise Facebook acco…
French authorities have detained a 15-year-old suspected of selling data stolen in a cyberattack on France Titres (ANTS), the country's agency for issuing and managing administrati…
American citizens and politicians alike have turned on the expansion of data centers in their communities with incredible rapidity. Data centers have gone from curiosities that fe…
Emil Michael says agencies are evaluating the cybersecurity model, not deploying it Pentagon CTO Emil Michael pushed back on reports of a thaw in the department’s relationship with…
Artificial intelligence has had an immediate and profound impact on software development. Coding practices, coding tools, developer roles, and the software development process itse…
BleepingComputer initially published a story about a new data breach at Instructure. Shortly after publication, we determined that the information was incorrect and primarily based…
SpaceX and Blue Origin will absolutely be ready in time. Definitely Amid the sensational NASA budget cut proposals taking place in the US at the moment, NASA Administrator Jared Is…
Both Cupertino and Google are imposing ever stricter limits on their phones – but you have alternatives As both Apple and Google introduce unwelcome changes in their phone OSes, he…
Other noteworthy stories that might have slipped under the radar: OFAC hits Iranian central bank crypto reserves, ADT data leak, CISA guidance for zero trust in OT. The post In Oth…
If software writes software the risk is “systematic failure at scale”. Someone needs to take charge, argues Forrester Forrester predicts that by decade's end, the rush toward agent…
The issue isn't artificial intelligence, but rather an industry adding AI agent integrations into production environments before proper security testing.
The maximum reward for a zero-click Pixel Titan M exploit with persistence has increased to $1.5 million. The post Google Adjusts Bug Bounties: Chrome Payouts Drop as Android Rewar…
Cybersecurity researchers are warning of two cybercrime groups that are carrying out "rapid, high-impact attacks" operating almost within the confines of SaaS environments, while l…
Users have less cash to burn and less patience for AI in new models... now where to get the used stock Secondhand phones sales are booming - relatively speaking - and the industry …
Raw threat intel isn't enough without real-world context. Criminal IP has partnered with Securonix to integrate exposure-based intelligence into ThreatQ, automating analysis and sp…