Angry Hacker Drops Microsoft Zero-Day Exploit, 1 Billion Users Warned

A security researcher frustrated with Microsoft has released the BlueHammer Windows zero-day exploit, telling the company, “I ...
Bleeping Computer

Hackers exploit 52 zero-days on the first day of Pwn2Own Ireland

On the first day of Pwn2Own Ireland, participants demonstrated 52 zero-day vulnerabilities across a range of devices, earning a total of $486,250 in cash prizes. Viettel Cyber Security took an early ...
Bleeping Computer

Hackers exploit 16 zero-days on first day of Pwn2Own Automotive 2025

On the first day of Pwn2Own Automotive 2025, security researchers exploited 16 unique zero-days and collected $382,750 in cash awards. Fuzzware.io is leading the competition after hacking the Autel ...

Microsoft's Security Response Center is being blamed for the zero-day BlueHammer exploit leak

A zero-day BlueHammer exploit was recently published on GitHub in response to alleged MSRC failures, and although Microsoft ...
Fox News

New Android attack tricks you into giving dangerous permissions

A team of academic researchers has uncovered a new Android security exploit that raises a lot of questions about the platform’s permission system. The technique, named TapTrap, uses user interface ...
HHS

Exploit Attempts Surge for React2Shell

Hacker interest is high in a days-old vulnerability in widely used web application framework React, with dozens of organizations already falling victim to it, cybersecurity experts warn. See Also: ...
TweakTown

WinRAR 'high-risk' exploit discovered, make sure you update to the latest release

TL;DR: WinRAR has a critical security vulnerability (CVE-2025-6218) allowing remote code execution via directory traversal in Windows versions. This exploit risks sensitive data and system integrity.
SiliconANGLE

Aim Security details first known AI zero-click exploit targeting Microsoft 365 Copilot

A new report out today from Aim Security Ltd. reveals the first known zero-click artificial intelligence vulnerability that could have allowed attackers to exfiltrate sensitive internal data without ...

Arbitrum Security Council Freezes $71.5M in Ethereum Linked to $292M KelpDAO Exploit

Arbitrum's emergency response to the KelpDAO exploit has sparked praise and criticism over the network's ability to freeze ...
VentureBeat

Mythos autonomously exploited vulnerabilities that survived 27 years of human review. Security teams need a new detection playbook

A 27-year-old bug sat inside OpenBSD’s TCP stack while auditors reviewed the code, fuzzers ran against it, and the operating system earned its reputation as one of the most security-hardened platforms ...
Hosted on MSN

Escape from Tarkov accounts are being wiped thanks to security exploit

"Somehow, an hour ago, someone logged into my account and reset it to zero". This is the last thing you want to see over the holidays: hours upon hours of progress erased by a complete stranger. Yet ...
CoinDesk

The State of DeFi Exploit Risk

The decentralized finance (DeFi) sector has undergone a remarkable security transformation, achieving a 90% reduction in exploit losses since 2020 and positioning itself as mature financial ...