New Mirai campaign exploits RCE flaw in EoL D-Link routers

A new Mirai-based malware campaign is actively exploiting CVE-2025-29635, a high-severity command-injection vulnerability ...
Dark Reading

Exploits Turn Windows Defender Into Attacker Tool

Three proof-of-concept exploits are being used in active attacks against Microsoft's built-in security platform; two are ...

Three AI coding agents leaked secrets through a single prompt injection. One vendor's system card predicted it

A prompt injection attack hit Claude Code, Gemini CLI, and Copilot simultaneously. Here's what all three system cards reveal ...
The Hacker News

⚡ Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More

Stay ahead of the logs with our Monday Recap. We break down active Adobe 0-days, North Korean crypto stings, and critical CVEs you need to patch today ...

Claude Mythos can hack anything, Anthropic says. Should we believe them?

Antrophic says its newest model found vulnerabilities in every major operating system and browser—and wrote exploits for them ...
Honolulu Star-Advertiser

Kokua Line: When and where are free shredding events?

Question: Will AARP ever do another free shredding? I know the traffic can be bad, but I prefer a drive-and-drop event to shredding at home. Too much humbug with the noise (can’t watch TV while I’m ...
CoinDesk

How a Solana feature designed for convenience let attackers drain more than $270 million from Drift

The attack on Drift Protocol was not a hack in the traditional sense. Nobody found a bug or cracked a private key. There wasn't a flash loan exploit or manipulated oracle either. Instead, an attacker ...
TheStreet.com

Another exchange hit by $270M hack, suspends withdrawals

A major decentralised finance (DeFi) platform has suffered a suspected exploit exceeding $270 million, with onchain data showing large volumes of assets rapidly moved to a single wallet. Blockchain ...
ConsumerAffairs

CAPTCHA scams are surging as hackers exploit a security tool

Cybercriminals are increasingly using fake CAPTCHA prompts to trick users into enabling malware and scam notifications. Security experts warn the tactic is spreading rapidly through ads, pirated ...
Android Authority

A severe iPhone exploit is now public, and anyone can use it

DarkSword, a serious iPhone exploit kit, just leaked on GitHub. If your device is running iOS 18.4 through 18.7 — or legacy versions 15.8.7 or 16.7.15 — you’re vulnerable. Contacts, messages, call ...
9to5Mac

DarkSword exploit, which affects outdated versions of iOS, leaks on GitHub

The exploit, revealed last week by Google’s Threat Intelligence Group, is now publicly available on GitHub, increasing the urgency for older iPhones and iPads to run the latest available iOS and ...
Infosecurity-magazine.com

Hackers Exploit Critical Langflow Bug in Just 20 Hours

Threat actors have demonstrated just how quickly they operate today after exploiting a critical open source vulnerability within 20 hours, working only from the advisory description. The bug, CVE-2026 ...