Angry Hacker Drops Microsoft Zero-Day Exploit, 1 Billion Users Warned

A security researcher frustrated with Microsoft has released the BlueHammer Windows zero-day exploit, telling the company, “I'm not explaining how this works.”

Some Galaxy S26 models just received a root exploit (and Magisk)

Samsung has locked down its phones in a big way, but a cybersecurity group has apparently gained root access to some Galaxy S26 models.
The Hacker News

Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major Distributions

Dirty Frag exposes Linux systems to root escalation through chained kernel flaws, impacting Ubuntu, RHEL, Fedora, and others.
Bleeping Computer

Exploit for Veeam Recovery Orchestrator auth bypass available, patch now

A proof-of-concept (PoC) exploit for a critical Veeam Recovery Orchestrator authentication bypass vulnerability tracked as CVE-2024-29855 has been released, elevating the risk of being exploited in attacks. The exploit was developed by security researcher ...
Forbes

Apple Warns Users Of Zero-Day Threats—Here’s How To Keep Your Mac, iPhone And iPad Safe

Forbes contributors publish independent expert analyses and insights. Lars Daniel covers digital evidence and forensics in life and law. Update Now—Apple releases critical updates to in response to two zero-day exploits hackers could utilize to trick ...
Mashable

WhatsApp 'View Once' messages are far more permanent than you realize

A WhatsApp exploit is allowing users access to View Once messages after they are supposed to be inaccessible. Credit: Silas Stein/picture alliance via Getty Images If you're sending a "View Once" message, photo, or video through WhatsApp, don't be so sure ...
TechRepublic

OpenAI’s GPT-4 Can Autonomously Exploit 87% of One-Day Vulnerabilities, Study Finds

Researchers from the University of Illinois Urbana-Champaign found that OpenAI’s GPT-4 is able to exploit 87% of a list of vulnerabilities when provided with their NIST descriptions. The GPT-4 large language model from OpenAI can exploit real-world ...
AppleInsider

This severe and international iPhone hack is the best reason to update to iOS 26.3 yet

A sophisticated iPhone hacking technique and surveillance campaign ran rampant internationally for months, prior to a patch in iOS 26.3. A new and severe attack vector focused on iPhones paired two different vulnerabilities into one. The "DarkSword" attack ...
Tidbits

DarkSword Exploit Threatens iPhones Still Running iOS 18

Security researchers at Google, iVerify, and Lookout have jointly revealed the discovery of a sophisticated iPhone hacking toolkit called DarkSword, which multiple threat actors are using to compromise devices running iOS 18. Unlike highly targeted spyware ...

Another DeFi company loses millions in fresh exploit

Total industry losses from hacks now exceed $10 billion.
eWeek

Google Reports First AI-Built Zero-Day Exploit as Cyber Model Fears Grow

Google reported the first observed AI-assisted zero-day exploit, raising new concerns about Mythos, OpenAI cyber models, and AI security risks.