cybernews

Claude AI just learned how to hack Chrome: Will Mythos do it autonomously?

Amid backlash over Anthropic’s new AI model, Mythos, which has been deemed too dangerous for public use, a researcher demonstrated that even the older Claude Opus could crack Chrome on its own. Using ...
Dark Reading

'BlueHammer' Windows Zero-Day Exploit Signals Microsoft Bug Disclosure Issues

The leak online of exploit code for an apparent Windows zero-day flaw dubbed "BlueHammer" could be the sign of a larger issue that security researchers face when collaborating with Microsoft on ...
Forbes

Angry Hacker Drops Microsoft Zero-Day Exploit, 1 Billion Users Warned

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. This voice experience is generated by AI. Learn more. This ...
TechRepublic

‘BlueHammer’ Exploit Targets Windows, Potentially Impacting 1 Billion+ Devices

A disgruntled security researcher has made good on a threat. A security researcher going by the aliases Chaotic Eclipse and Nightmare-Eclipse published exploit code for a Windows privilege escalation ...
theregister

Anthropic: All your zero-days are belong to Mythos

For years, the infosec community’s biggest existential worry has been quantum computers blowing away all classical encryption and revealing the world’s secrets. Now they have a new Big Bad: an AI ...
PC World

Security expert publishes Windows exploit after Microsoft went silent

PCWorld reports on the ‘BlueHammer’ zero-day vulnerability that allows attackers to potentially take over Windows computers through privilege escalation. A frustrated security researcher published the ...
SecurityWeek

Medusa Ransomware Fast to Exploit Vulnerabilities, Breached Systems

The group is using zero-days, quickly weaponizes fresh bugs, and exfiltrates and encrypts data within days of initial access. The Medusa ransomware group has been operating at a fast pace, seizing ...
Bleeping Computer

Disgruntled researcher leaks “BlueHammer” Windows zero-day exploit

Exploit code has been released for an unpatched Windows privilege escalation flaw reported privately to Microsoft, allowing attackers to gain SYSTEM or elevated administrator permissions. Dubbed ...
Bleeping Computer

Hackers exploit React2Shell in automated credential theft campaign

Hackers are running a large-scale campaign to steal credentials in an automated way after exploiting React2Shell (CVE-2025-55182) in vulnerable Next.js apps. At least 766 hosts across various cloud ...
CoinDesk

Drift says $270 million exploit was a six-month North Korean intelligence operation

A six-month intelligence operation preceded the $270 million exploit of Drift Protocol and was carried out by a North Korean state-affiliated group, according to a detailed incident update published ...
CoinTelegraph

Drift Protocol says $280M exploit took 'months of deliberate preparation'

Drift Protocol said with “medium-high confidence” that the recent attack was carried out by the same actors responsible for the $58 million Radiant Capital hack in October 2024. Drift Protocol, the ...
GitHub

POOPS PS5 Autoloader - BD-J Kernel Exploit & ELF Autoloader

It's Poops-PS5-Java chained with 'ps5_autoloader.elf' For implemented ISO, go check BD-UN-JB-Poops-Autoloader. 'Poops.java' is complete Java port of the poops_ps5.lua IPv6 UAF kernel exploit ...