The Hacker News

Grandstream GXP1600 VoIP Phones Exposed to Unauthenticated Remote Code Execution

Critical CVE-2026-2329 flaw in Grandstream GXP1600 VoIP phones enables unauthenticated RCE, call interception, and credential theft.

‘Resurge’ malware can remain undetected on devices

The malware can remain undetected on a system until a threat actor initiates a connection with the compromised device, a CISA ...
SecurityWeek

Critical Grandstream Phone Vulnerability Exposes Calls to Interception

A critical vulnerability affecting Grandstream’s GXP1600 series phones could allow threat actors to intercept calls.

Anthropic's Claude Code Security is available now after finding 500+ vulnerabilities: how security leaders should respond

Anthropic's Claude Opus 4.6 surfaced 500+ high-severity vulnerabilities that survived decades of expert review. Fifteen days later, they shipped Claude Code Security. Here's what reasoning-based ...
Computer Weekly

Flaws in Google, Microsoft products added to Cisa catalogue

Cisa has added six CVEs to its Kev catalogue this week, including newly-disclosed issues in Google Chromium and Dell ...

Flaw in Grandstream VoIP phones allows stealthy eavesdropping

A critical vulnerability in Grandstream GXP1600 series VoIP phones allows a remote, unauthenticated attacker to gain root privileges and silently eavesdrop on communications.
The Hacker News

CISA Flags Four Security Flaws Under Active Exploitation in Latest KEV Update

CISA adds four actively exploited vulnerabilities to its KEV catalog, including Chrome RCE, Zimbra SSRF, Windows ActiveX, and ...
Liliputing

M5Stack AI Pyramid is an oddly-shaped Arm-based mini PC with a 24 TOPS NPU

The M5Stack AI Pyramid Computing Box is a small computer with an Axera AX88500 processor that combines four Arm Cortex-A55 CPU cores with an NPU that delivers up to 24 TOPS of hardware-accelerated ...
heise online

OpenSSL: 12 security gaps, one allows malicious code execution and is critical

12 security vulnerabilities have been discovered in OpenSSL – using AI tools. One of them is considered critical. Updated software is available. The remaining ten vulnerabilities were classified as ...