RedLine, Lumma, and Vidar adapted in 48 hours. Clawdbot's localhost trust model collapsed, plaintext memory files sit exposed, and traditional defenses can't see the threat. Security teams are already ...

On the first day of Pwn2Own Ireland, participants demonstrated 52 zero-day vulnerabilities across a range of devices, earning a total of $486,250 in cash prizes. Viettel Cyber Security took an early ...

A team of academic researchers has uncovered a new Android security exploit that raises a lot of questions about the platform’s permission system. The technique, named TapTrap, uses user interface ...

Ukraine's Computer Emergency Response Team (CERT) says that Russian hackers are exploiting CVE-2026-21509, a recently patched vulnerability in multiple versions of Microsoft Office.

TL;DR: WinRAR has a critical security vulnerability (CVE-2025-6218) allowing remote code execution via directory traversal in Windows versions. This exploit risks sensitive data and system integrity.

Multiple threat actors are actively targeting a recently disclosed maximum-severity security bug in the Aviatrix Controller centralized management platform for cloud networking. In a worst-case ...

Reports showed four security companies conducted 11 audits of Balancer’s smart contracts starting in 2021, but a bad actor was still able to drain millions in staked Ether. Update (Nov. 10 at 2:55 pm ...

Microsoft Systems administrators everywhere, it looks like you get a Patch Monday as a side dish to the usual Patch Tuesday this week. There's a full remote code vulnerability (RCE) exploit for ...

Charlie Miller, principal security analyst at Independent Security Evaluators, used a security exploit in Safari 4 to hack into a MacBook in about 10 seconds Wednesday, winning the Pwn2own contest at ...

Imagine sending a simple emoji in a text message—just a cheerful smiley face or a thumbs-up—without a second thought. Now, what if I told you that same emoji could secretly carry hidden instructions ...