The Hacker News

Researchers Uncover Pre-Stuxnet ‘fast16’ Malware Targeting Engineering Software

Fast16 malware from 2005 predates Stuxnet by five years, targeting engineering software to sabotage calculations and reshape ...
Dark Reading

Glasswing Secured the Code. The Rest of Your Stack Is Still on You

Forgotten integrations, shadow IT, SaaS, and now shadow AI and agents are everywhere, and attackers don't need sophisticated ...
Newsworthy.ai

An AI Escaped Its Sandbox, Emailed a Researcher, Then Self-Published Its Own Exploit Online!

VectorCertain LLC today announced new validation results demonstrating that its SecureAgent platform successfully detected ...

Trigona ransomware attacks use custom exfiltration tool to steal data

Recently observed Trigona ransomware attacks are using a custom, command-line tool to steal data from compromised ...
CSO Online

Riddled with flaws, serial-to-Ethernet converters endanger critical infrastructure

Remote terminal units, PLCs, PoS systems, and bedside patient monitors may be susceptible to remote code execution, ...
CryptoNewsZ

Polkadot Price Recovers as Hyperbridge Raises Exploit Loss to $2.5M

Hyperbridge raised exploit losses to $2.5M as Polkadot confirmed native DOT stayed safe, while Polkadot price held above ...
Hackaday

This Week In Security: Docker Auth, Windows Tools, And A Very Full Patch Tuesday

CVE-2026-34040 lets attackers bypass some Docker authentication plugins by allowing an empty request body. Present since 2024, this bug was caused by a previous fix to the auth workflow. In the ...

Microsoft’s Windows Recall still allows silent data extraction

A cybersecurity researcher says Recall’s redesigned security model does not stop same-user malware from accessing plaintext ...
XDA Developers on MSN

Windows 11's Recall tool has been cracked open again, and Microsoft doesn't see that as a problem

A new exploit has been found, and Microsoft shrugged at it.

How AI is getting better at finding security holes

Anthropic announced this week that its new model found security flaws in "every major operating system and web browser." Even ...
VentureBeat

Mythos autonomously exploited vulnerabilities that survived 27 years of human review. Security teams need a new detection playbook

A 27-year-old bug sat inside OpenBSD’s TCP stack while auditors reviewed the code, fuzzers ran against it, and the operating system earned its reputation as one of the most security-hardened platforms ...