3 Articles Today
150 This Month
6 Categories
150 Total Articles

Latest News

Critical Zimbra Flaw Could Let Crafted Emails Run Malicious Code in User Sessions Vulnerabilities The Hacker News
The Hacker News Jul 11, 2026 1 min read

Critical Zimbra Flaw Could Let Crafted Emails Run Malicious Code in User Sessions

Zimbra is urging customers to apply updates to address a critical security vulnerability impacting the Classic Web Client that could result in arbitrary code execution. The vulnerability has been described as a case of stored cross-site scripting (XSS) that could allow specially crafted emails to execute malicious scripts in a user's session. It has yet to be assigned a CVE identifier. "The

New U-Boot flaws could enable stealthy firmware attacks Malware Bleeping Computer
Bleeping Computer Jul 11, 2026 1 min read

New U-Boot flaws could enable stealthy firmware attacks

Six vulnerabilities in the widely used U-Boot bootloader have been discovered that could allow attackers to execute malicious code during device boot, potentially enabling stealthy firmware attacks that compromise security protections and install persistent malware. [...]

'Ghostcommit' hides prompt injection in images to fool AI agents, steal secrets Research Bleeping Computer
Bleeping Computer Jul 11, 2026 1 min read

'Ghostcommit' hides prompt injection in images to fool AI agents, steal secrets

A PNG hiding a prompt injection could steal your repo's secrets, researchers demonstrate. The technique, dubbed 'Ghostcommit,' slipped past AI code reviewers CodeRabbit and Bugbot, which never open image files at all, then convinced a coding agent to read a repo's .env and write every secret into the code as a list of numbers. [...]

GitHub Copilot Refuses Harmful Requests in Chat, Then Writes Them in Code Research The Hacker News
The Hacker News Jul 10, 2026 1 min read

GitHub Copilot Refuses Harmful Requests in Chat, Then Writes Them in Code

An AI coding assistant that refuses to answer a dangerous request in its chat box can answer it anyway if the same request is broken into small, ordinary-looking steps inside a code editor. That is the finding of a new study of GitHub Copilot by researchers Abhishek Kumar and Carsten Maple. The models they tested through Copilot, Claude from Anthropic, and Gemini from Google, refused

Hackers exploit critical auth bypass in Gitea Docker image Vulnerabilities Bleeping Computer
Bleeping Computer Jul 10, 2026 1 min read

Hackers exploit critical auth bypass in Gitea Docker image

Hackers are actively exploiting a critical vulnerability in the official Docker image for the Gitea self-hosted Git service that allows attackers to impersonate any user, including administrators. [...]

How to Evaluate an AI SOC Platform in 2026: 6 Capabilities That Separate Leaders from Bolt-On AI solutions Research The Hacker News
The Hacker News Jul 10, 2026 1 min read

How to Evaluate an AI SOC Platform in 2026: 6 Capabilities That Separate Leaders from Bolt-On AI solutions

Building a shortlist for an AI SOC evaluation can be tough. SIEM, SOAR, and pureplay AI SOC vendors are all saying the same thing. But behind the identical label sit very different products, from chat assistants bolted onto a legacy SIEM to agent platforms that run detection, triage, investigation, and response on their own data foundation. Whether a platform will materially change outcomes for

Microsoft Reins in RoguePlanet Zero-Day Threat Vulnerabilities Dark Reading
Dark Reading Jul 10, 2026 1 min read

Microsoft Reins in RoguePlanet Zero-Day Threat

The researcher known as "Nightmare-Eclipse" published a proof-of-concept (PoC) exploit for the Windows Defender vulnerability in early June after dropping several other Microsoft zero-days.

Six New U-Boot Flaws Could Let Malicious Images Crash Devices or Run Code at Boot Research The Hacker News
The Hacker News Jul 10, 2026 1 min read

Six New U-Boot Flaws Could Let Malicious Images Crash Devices or Run Code at Boot

Researchers at firmware security firm Binarly have found six new flaws in U-Boot, the small program that starts up hardware as varied as home routers, smart cameras, and the management chips inside data-center servers. Four of the bugs can crash a device. The other two could let an attacker who slips a malicious image in front of the bootloader run their own code, before the device

'Djinn' Stealer Targets Cloud, AI Credentials Vulnerabilities Dark Reading
Dark Reading Jul 10, 2026 1 min read

'Djinn' Stealer Targets Cloud, AI Credentials

The infostealer was delivered via CVE-2026-48558, a critical authentication bypass vulnerability in SimpleHelp, targeting credentials linking development and admin environments to wider enterprise systems.

New GigaWiper Windows Backdoor Bundles Disk Wiping, Fake Ransomware, and Spyware Malware The Hacker News
The Hacker News Jul 10, 2026 1 min read

New GigaWiper Windows Backdoor Bundles Disk Wiping, Fake Ransomware, and Spyware

Microsoft has taken apart a destructive Windows backdoor it calls GigaWiper. What stands out is how it is built: not one tool but three older destructive programs bolted into one, offered as commands the operator can choose from. Each is a different way to break a machine: wipe the whole disk, overwrite the Windows drive, or run fake "ransomware" that scrambles files with a key it never saves

Showing 1โ€“20 of 149 articles
1 2 3 ... 8 Next