Hackers Use AI for Exploit Development, Attack Automation
Cyber adversaries have long used AI, but now attackers are using large language models to develop exploits and orchestrate complex attacks.
Security & Lifecycle News
Aggregated from vendor advisories, security research, and industry publications.
Google Detects First AI-Generated Zero-Day Exploit
The zero-day was designed to bypass 2FA and it was developed by a prominent cybercrime group. The post Google Detects First AI-Generated Zero-Day Exploit appeared first on Security…
Google: Hackers used AI to develop zero-day exploit for web admin tool
Researchers at Google Threat Intelligence Group (GTIG) say that a zero-day exploit targeting a popular open-source web administration tool was likely generated using AI. [...]
Water company's leaky security earns near-£1M fine
Utility provider failed to detect Cl0p ransomware attack for nearly two years
⚡ Weekly Recap: Linux Rootkit, macOS Crypto Stealer, WebSocket Skimmers and More
Rough Monday. Somebody poisoned a trusted download again, somebody else turned cloud servers into public housing, and a few crews are still getting into boxes with bugs that should…
Webinar this week: Prevention alone is not enough against modern attacks
This upcoming webinar explores how organizations need to combine security, backups, and recovery planning to reduce the impact of modern cyberattacks. [...]
Checkmarx tackles another TeamPCP intrusion as Jenkins plugin sabotaged
Cybercrooks ruin engineers' weekends with Saturday attack
Cyber Espionage Group Targets Aviation Firms to Steal Map Data
The campaign quietly compromises aerospace and drone operators to exfiltrate GIS files, terrain models, and GPS data and gain a clear picture of adversaries' world view.
Skoda Data Breach Hits Online Shop Customers
Using a vulnerability in the portal, hackers accessed names, addresses, email addresses, and phone numbers. The post Skoda Data Breach Hits Online Shop Customers appeared first on …
NASA's bid to save Swift from fiery death passes another hurdle
Katalyst's LINK spacecraft clears Goddard tests before Pegasus rocket integration
Your Purple Team Isn't Purple — It's Just Red and Blue in the Same Room
Defending a network at 2 am looks a lot like this: an analyst copy-pasting a hash from a PDF into a SIEM query. A red team script is being rewritten by hand so the blue team can us…
Cloudflare Lays Off 1,100 Employees in AI-Driven Restructuring
The company topped revenue and earnings forecasts for the first quarter of 2026, but its shares plunged more than 20%. The post Cloudflare Lays Off 1,100 Employees in AI-Driven Res…
Linux kernel maintainers pitch emergency killswitch after CopyFail and Dirty Frag chaos
Instead of waiting for patch cycles, admins could simply shut down vulnerable functions before attackers get there
LLMs and Text-in-Text Steganography
Turns out that LLMs are really good at hiding text messages in other text messages.
SailPoint Discloses GitHub Repository Hack
The incident occurred on April 20 and did not affect customer data in the company’s production and staging environments. The post SailPoint Discloses GitHub Repository Hack appeare…
Classic Outlook's Quick Steps trip over Microsoft bug
Client's handy automations get grayed out unless you know the keyboard shortcut
Europe wants out from under US tech – but first it has to find the exits
Report maps the weak points in cloud, identity, and public sector procurement
Checkmarx Jenkins AST Plugin Compromised in Supply Chain Attack
A malicious version of the plugin was published to the Jenkins Marketplace late last week. The post Checkmarx Jenkins AST Plugin Compromised in Supply Chain Attack appeared first o…
The latest innovation in UK public transport: Schrödinger's trains
Who knows what is going where. Might as well have a lovely beer instead.
TrickMo Android banker adopts TON blockchain for covert comms
A new variant of the TrickMo Android banking malware, delivered in campaigns targeting users across Europe, introduces new commands and uses The Open Network (TON) for stealthy com…
Canvas System Is Online After a Cyberattack Disrupted Thousands of Schools
Tens of thousands of students studying for final exams around the world have regained access to a key online learning system after a cyberattack had earlier knocked it offline. The…
Taiwan's train cyber-trauma reveals a global system that’s coming off the tracks
That’s not a radio. THIS is a radio
New ‘Dirty Frag’ Linux Vulnerability Possibly Exploited in Attacks
Also called Copy Fail 2 and tracked as CVE-2026-43284 and CVE-2026-43500, the exploit was disclosed before a patch was released. The post New ‘Dirty Frag’ Linux Vulnerability Possi…
Lab worker built a fake PC to nuke his lunch
The office sink is always a horror. Managers worried this one glowed
Resurrected ‘Crimenetwork’ Marketplace Taken Down, Administrator Arrested
The second iteration of the German-speaking online crime marketplace had over 22,000 users and more than 100 sellers. The post Resurrected ‘Crimenetwork’ Marketplace Taken Down, Ad…
Fake OpenAI Privacy Filter Repo Hits #1 on Hugging Face, Draws 244K Downloads
A malicious Hugging Face repository managed to take a spot in the platform's trending list by impersonating OpenAI's Privacy Filter open-weight model to deliver a Rust-based inform…
Mythos Finds a Curl Vulnerability
Article URL: https://daniel.haxx.se/blog/2026/05/11/mythos-finds-a-curl-vulnerability/ Comments URL: https://news.ycombinator.com/item?id=48091737 Points: 703 # Comments: 282
Sovereign cloud is only possible if you’re Chinese or American: Gartner
Which is awkward for European orgs who fear US clouds might leave the continent
Over 500 Organizations Hit in Years-Long Phishing Campaign
Victims span across the aviation, critical infrastructure, energy, logistics, public administration, and technology sectors. The post Over 500 Organizations Hit in Years-Long Phish…
ASIA IN BRIEF: China’s agentic AI policy wants to keep humans in the loop
PLUS: Robot becomes Buddhist monk in Korea; TikTok spending $25bn in Thailand; Baidu floating chip biz; and more!