Angry Hacker Drops Microsoft Zero-Day Exploit, 1 Billion Users Warned

A security researcher frustrated with Microsoft has released the BlueHammer Windows zero-day exploit, telling the company, “I'm not explaining how this works.”

Some Galaxy S26 models just received a root exploit (and Magisk)

Samsung has locked down its phones in a big way, but a cybersecurity group has apparently gained root access to some Galaxy S26 models.

Google intercepts a massive cyberattack powered by first-ever AI-generated zero-day exploit

Google claims to have thwarted a significant cyberattack by state-sponsored hackers using an AI-developed zero-day exploit. The vulnerability, which bypassed two-factor authentication in an unnamed tool,
Bleeping Computer

Exploit for Veeam Recovery Orchestrator auth bypass available, patch now

A proof-of-concept (PoC) exploit for a critical Veeam Recovery Orchestrator authentication bypass vulnerability tracked as CVE-2024-29855 has been released, elevating the risk of being exploited in attacks. The exploit was developed by security researcher ...
Forbes

Apple Warns Users Of Zero-Day Threats—Here’s How To Keep Your Mac, iPhone And iPad Safe

Forbes contributors publish independent expert analyses and insights. Lars Daniel covers digital evidence and forensics in life and law. Update Now—Apple releases critical updates to in response to two zero-day exploits hackers could utilize to trick ...
TechRepublic

OpenAI’s GPT-4 Can Autonomously Exploit 87% of One-Day Vulnerabilities, Study Finds

Researchers from the University of Illinois Urbana-Champaign found that OpenAI’s GPT-4 is able to exploit 87% of a list of vulnerabilities when provided with their NIST descriptions. The GPT-4 large language model from OpenAI can exploit real-world ...
Mashable

WhatsApp 'View Once' messages are far more permanent than you realize

A WhatsApp exploit is allowing users access to View Once messages after they are supposed to be inaccessible. Credit: Silas Stein/picture alliance via Getty Images If you're sending a "View Once" message, photo, or video through WhatsApp, don't be so sure ...
AppleInsider

This severe and international iPhone hack is the best reason to update to iOS 26.3 yet

A sophisticated iPhone hacking technique and surveillance campaign ran rampant internationally for months, prior to a patch in iOS 26.3. A new and severe attack vector focused on iPhones paired two different vulnerabilities into one. The "DarkSword" attack ...
Tidbits

DarkSword Exploit Threatens iPhones Still Running iOS 18

Security researchers at Google, iVerify, and Lookout have jointly revealed the discovery of a sophisticated iPhone hacking toolkit called DarkSword, which multiple threat actors are using to compromise devices running iOS 18. Unlike highly targeted spyware ...

Another DeFi company loses millions in fresh exploit

Total industry losses from hacks now exceed $10 billion.
Dark Reading

'Dirty Frag' Exploit Poised to Blow Up on Enterprise Linux Distros

The privilege escalation vulnerability, which is similar to other Linux flaws like Copy Fail and Dirty Pipe, may already be under limited exploitation.