CISA tells feds to patch 13-year-old Apache ActiveMQ bug
…bug on CISA's KEV list, which is reserved for vulnerabilities already being exploited in the wild. And there's plenty of exposed surface to aim at: threat monitoring outfit ShadowServer is…
Search
Telnyx package latest hit in PyPI supply-chain compromise
…said ORNL Center for Artificial Intelligence Security Research director Edmon Begoli. Photon, as the ORNL team dubbed it , is designed to explore, discover, and exploit AI vulnerabilities at scale. According to the…
Don't glamorize cybercrims, roast them instead
…There's also an exploit developer named cortana9000 who found a Cisco remote code execution bug ( CVE-2026-20045 ) under active exploitation by government-backed goons and asked on a forum, "so…
1K+ cloud environments infected via Trivy attack
…They were able to do this because, back in February, the same crew exploited a misconfiguration in Trivy's GitHub Action component and stole a privileged access token. This security issue was…
Amazon security boss: AI makes pentesting 40% more efficient
…But from a decision-making capability, it isn't something that we're ready to rely on." According to Moses and his fellow chief information security officers and security firm CEOs, AI…
Anthropic's Mythos has The Kettle crew curious, skeptical
…community, and whether we should take Anthropic at its word or not. You can listen to The Kettle here , as well as on Spotify and Apple Music . ® anthropic ai cybersecurity kettle security
AI agents are 'gullible' and easy to turn into your minions
…his RSAC presentation, and said it builds on work he's done over the past couple of years - presented at Black Hat and other security conferences - developing working exploits in all of…
AI agents found vulns in this Linux and Unix print server
Security AI agents found vulns in this popular Linux and Unix print server CUPS server shown spilling out remote code execution and root access In the latest chapter on leaky CUPS, a…
Voice phishing skyrockets as smooth crims talk their way in
…network edge devices like firewalls, routers, and VPNs, generally by exploiting zero-day bugs. Operators of edge devices don't often protect them with endpoint security products, so attacks running the machines…
Fake applicants are sending security-killing malware
…The operation, detailed in a threat report from networking and security outfit Aryaka , exploits one of the most mundane workflows within an organization: hiring. Researchers say the bait arrives as what looks…