Hackers are exploiting a critical LiteLLM pre-auth SQLi flaw

Hackers are targeting sensitive information stored in the LiteLLM open-source large-language model (LLM) gateway by ...

Checkmarx confirms LAPSUS$ hackers leaked its stolen GitHub data

Application security company Checkmarx has confirmed that the LAPSUS$ threat group leaked data stolen from its private GitHub ...
SecurityWeek

OpenSSH Flaw Allowing Full Root Shell Access Lurked for 15 Years

An OpenSSH vulnerability introduced 15 years ago could allow attackers to obtain full root shell access to vulnerable servers ...
SecurityWeek

Easily Exploitable ‘Pack2TheRoot’ Linux Vulnerability Leads to Root Access

Pack2TheRoot, a high-severity vulnerability in PackageKit, allows users to install packages on Linux systems with root ...
VentureBeat

Mythos autonomously exploited vulnerabilities that survived 27 years of human review. Security teams need a new detection playbook

A 27-year-old bug sat inside OpenBSD’s TCP stack while auditors reviewed the code, fuzzers ran against it, and the operating system earned its reputation as one of the most security-hardened platforms ...
Futurism

Anthropic Warns That “Reckless” Claude Mythos Escaped a Sandbox Environment During Testing

Add Futurism (opens in a new tab) More information Adding us as a Preferred Source in Google by using this link indicates that you would like to see more of our content in Google News results. In a ...
GitHub

LLMtary (Elementary) — AI-Powered Penetration Testing Platform

LLMtary is an open-source Flutter desktop application that brings large language model intelligence to every phase of a penetration test. Enter a target — an IP, hostname, FQDN, or CIDR range — and ...
PCGamesN

New Arc Raiders patch takes another swing at Stella floor exploits, and stops you from spontaneously combusting

Unless it's the end of the month, Arc Raiders patches are usually fairly slim affairs; a handful of bug fixes at best, keeping things ticking over until something bigger comes along. Today's patch ...
PC World

Security expert publishes Windows exploit after Microsoft went silent

PCWorld reports on the ‘BlueHammer’ zero-day vulnerability that allows attackers to potentially take over Windows computers through privilege escalation. A frustrated security researcher published the ...
Infosecurity-magazine.com

Storm-1175 Exploits Flaws in High-Velocity Medusa Attacks

A prolific cybercrime group has been weaponizing n-day and zero-day exploits in high-tempo Medusa ransomware attacks over the past three years, Microsoft has revealed. Storm-1175 is a financially ...
Windows Report

Windows BlueHammer Zero-Day Lets Attackers Gain SYSTEM Access

Microsoft is dealing with a newly disclosed zero-day vulnerability in Windows that could allow attackers to gain full system control, with no official fix available yet. The flaw, called BlueHammer, ...
Microsoft

Storm-1175 focuses gaze on vulnerable web-facing assets in high-tempo Medusa ransomware operations

The financially motivated cybercriminal actor tracked by Microsoft Threat Intelligence as Storm-1175 operates high-velocity ransomware campaigns that weaponize N-days, targeting vulnerable, web-facing ...