Search

arstechnica.com › security › 2026 › …

High-severity vulnerability in Linux caused by a single faulty character

… Security firm FuzzingLabs demonstrated a proof of concept exploit in April. …

Jun 9, 2026 · Dan Goodin

arstechnica.com › ai › 2026 › …

Hackers duped Meta AI support chatbot to steal celebrity Instagram accounts

… The wide security hole The CyberSec Guru also described the exploit as representing the classic “confused deputy” problem from computer security, in which a program with elevated permissions is tricked into misusing those permissions on behalf of a less privileged third party. …

Jun 1, 2026 · Jeremy Hsu

arstechnica.com › security › 2026 › …

Linux bitten by second severe vulnerability in as many weeks

… Once the exploits run, attackers can use SSH access, web-shell execution, or container escapes, or compromise low-privilege accounts. “Dirty Frag is notable because it introduces multiple kernel attack paths involving rxrpc and esp/xfrm networking components to improve exploitation reliability,” Mi… …

May 11, 2026 · Dan Goodin

arstechnica.com › security › 2026 › …

Zero-day exploit completely defeats default Windows 11 BitLocker protections

… Dan Goodin is Senior Security Editor at Ars Technica, where he oversees coverage of malware, computer espionage, botnets, hardware hacking, encryption, and passwords. …

May 14, 2026 · Dan Goodin

arstechnica.com › security › 2026 › …

Google publishes exploit code threatening millions of Chromium users

… Exploits are particularly hard to detect when run on Edge. …

May 20, 2026 · Dan Goodin

arstechnica.com › apple › 2026 › …

Apple patches eavesdropping vulnerability in Beats Studio Buds

… Security firm Sentinel One has a deeper dive into CVE-2025-20701 here . …

Jun 18, 2026 · Dan Goodin

arstechnica.com › security › 2026 › …

PeopleSoft 0-day affecting hundreds of organizations steals gigabytes of data

… Dan Goodin is Senior Security Editor at Ars Technica, where he oversees coverage of malware, computer espionage, botnets, hardware hacking, encryption, and passwords. …

Jun 12, 2026 · Dan Goodin

arstechnica.com › security › 2026 › …

Critical Copilot vulnerability allowed hackers to seal 2FA code from users

… Security firm Varonis devised an exploit chain that was able to catapult over these guardrails. …

Jun 16, 2026 · Dan Goodin

arstechnica.com › information-technology › 2026 › …

Millions of AI agents imperiled by critical vulnerability in open source package

… X41 D-Sec, the security firm that discovered it, described it as having “critical severity.” X41 D-Sec partnered with fellow security firm Nemesis to create an online scanner that can check if a given server is vulnerable. …

May 26, 2026 · Dan Goodin

arstechnica.com › security › 2026 › …

Locked in heated rivalry with researcher, Microsoft fixes 0-day they disclosed

… Dan Goodin is Senior Security Editor at Ars Technica, where he oversees coverage of malware, computer espionage, botnets, hardware hacking, encryption, and passwords. …

Jun 9, 2026 · Dan Goodin