For the 2nd time in weeks, Microsoft packages laced with credential stealer

Dozens of cryptographically verified open source packages from Microsoft were compromised late last week to add advanced credential-stealing code that was triggered when developers opened them in AI ...

Gogs patches critical zero-day enabling remote code execution

Gogs has patched a critical security zero-day flaw that can allow attackers to compromise Internet-facing instances and ...
Tech Times

ARM Mali Open Source Driver Gets First Rust Shader Compiler in Mesa History

ARM Mali open source GPU driver gains its first Rust-written shader compiler: KRAID, merged into Mesa 26.2 on June 3, 2026 by ...
The Hacker News

ThreatsDay Bulletin: AI Agents Gone Wrong, Sketchy C2 Tools, ClickFix Tricks, JS Backdoors & 20+ New Stories

Weekly ThreatsDay recap: old bugs, fake tools, shady payload tricks, AI mishaps, and the usual reminder that the internet is ...
조선일보

Cloudflare warns Claude Mythos matches senior researcher in exploit building

Anthropic's artificial intelligence (AI) model "Claude Mythos" has been found to have vulnerability analysis skills on par with a senior researcher. Analyses also suggested it can go beyond simply ...
Ars Technica

Google publishes exploit code threatening millions of Chromium users

Google on Wednesday published exploit code for an unfixed vulnerability in its Chromium browser codebase that threatens millions of people using Chrome, Microsoft Edge, and virtually all other ...
Bleeping Computer

New Windows 'MiniPlasma' zero-day exploit gives SYSTEM access, PoC released

A cybersecurity researcher has released a proof-of-concept exploit for a Windows privilege escalation zero-day dubbed "MiniPlasma" that lets attackers gain SYSTEM privileges on fully patched Windows ...
CoinTelegraph

THORChain pauses trading after suspected $10M exploit

THORChain paused trading after ZachXBT flagged a suspected $10 million exploit spanning Bitcoin, Ethereum, BNB Chain and Base. Decentralized liquidity protocol THORChain halted trading after ...
9to5Mac

Calif team details how Anthropic Mythos helped build a working macOS exploit in five days

The team behind the first public macOS kernel memory corruption exploit on M5 silicon has shared fresh details on how Mythos Preview helped bypass a five-year Apple security effort in five days. Last ...
TechSpot

A security researcher says Microsoft secretly built a backdoor into BitLocker, releases an exploit to prove it

The Epitome of WTF: A researcher known as "Nightmare-Eclipse" recently released YellowKey, a security vulnerability that allegedly enables a full bypass of BitLocker's full-volume encryption. The ...
TechRepublic

Google Says Hackers Used AI to Build Zero-Day Exploit

Google says hackers used AI to help build a zero-day exploit targeting 2FA, raising concerns about AI-assisted hacking. Google says hackers used AI to help build a zero-day exploit, then stopped it ...
SiliconANGLE

Google says criminals used AI to build a working zero-day exploit for the first time

Criminal hackers have used artificial intelligence to develop a working zero-day exploit, the first confirmed case of its kind, according to a report released today by Google LLC’s Google Threat ...