Computer Weekly

Boost cooks up SmokedMeat, open source framework for CI/CD pipelines protection

Boost Security has announced SmokedMeat, an open source red team framework for CI/CD pipelines that shows how attackers ...

Payouts King ransomware uses QEMU VMs to bypass endpoint security

The Payouts King ransomware is using the QEMU emulator as a reverse SSH backdoor to run hidden virtual machines on ...
PC World

Security expert publishes Windows exploit after Microsoft went silent

PCWorld reports on the ‘BlueHammer’ zero-day vulnerability that allows attackers to potentially take over Windows computers through privilege escalation. A frustrated security researcher published the ...
Dark Reading

Automated Credential Harvesting Campaign Exploits React2Shell Flaw

A global cross-industry credential theft campaign is exploiting public-facing Web applications vulnerable to React2Shell and then deploying an automated collection tool to steal credentials and other ...
CoinTelegraph

Drift sends onchain message to wallets tied to $280M exploit

Drift Protocol initiated onchain contact with wallets tied to the $280 million exploit as an unknown sender also attempts to pressure the attacker. Drift Protocol, a Solana-based decentralized ...
Forbes

AI Just Hacked One Of The World's Most Secure Operating Systems

This voice experience is generated by AI. Learn more. This voice experience is generated by AI. Learn more. An autonomous agent found, analyzed and exploited a FreeBSD kernel vulnerability in four ...
InfoWorld

Vim and GNU Emacs: Claude Code helpfully found zero-day exploits for both

A simple prompt sent Claude Code on a mission that uncovered major security vulnerabilities in popular text editors — and then suggested ways to exploit them. Developers can spend days using fuzzing ...
Android Authority

A severe iPhone exploit is now public, and anyone can use it

DarkSword, a serious iPhone exploit kit, just leaked on GitHub. If your device is running iOS 18.4 through 18.7 — or legacy versions 15.8.7 or 16.7.15 — you’re vulnerable. Contacts, messages, call ...
9to5Mac

DarkSword exploit, which affects outdated versions of iOS, leaks on GitHub

The exploit, revealed last week by Google’s Threat Intelligence Group, is now publicly available on GitHub, increasing the urgency for older iPhones and iPads to run the latest available iOS and ...
Gizmodo

Attacker Exploits Crypto Stablecoin for a $25 Million Payday

Over the weekend, crypto protocol Resolv, which issues the USR stablecoin, was exploited by an attacker who was able to mint nearly 80 million new USR tokens out of thin air after only putting down a ...
CoinTelegraph

Hacked crypto tokens drop 61% on average and rarely recover, Immunefi report says

Beyond immediate losses, attacks often lead to prolonged downtime, liquidity shocks and confidence erosion, as interconnected DeFi systems amplify the impact across markets. A new security report from ...
SiliconANGLE

Researchers discover zero-day DarkSword exploit chain in iOS 18

Researchers from Google LLC and two cybersecurity companies have identified a set of zero-day exploits in iOS 18. Google’s GTIG threat intelligence team, Lookout Inc. and iVerify Inc. published their ...