Search

tomshardware.com › tech-industry › cyber-security

Standard 90-day vulnerability disclosure policy is likely dead thanks to AI, expert warns that AI can weaponize patches in 30 minutes — LLM-assisted bug-hunting ushers in a new cyberworld order

… The vast majority of security exploits are rooted in specific bad programming habits, something a bot excels at noticing quickly and repeatedly. …

May 12, 2026 · Bruno Ferreira

tomshardware.com › software › linux

CISA flags actively exploited ‘Copy Fail’ Linux kernel flaw enabling root takeover across major distros — unpatched systems may remain vulnerable to attack

… Cybersecurity and Infrastructure Security Agency CISA added a newly disclosed Linux vulnerability, dubbed “Copy Fail,” to its Known Exploited Vulnerabilities catalog on May 1st, warning that the flaw, tracked as CVE-2026-31431, is already being used in active attacks and urging rapid patching acros… …

May 4, 2026 · Etiido Uko

tomshardware.com › tech-industry › cyber-security

Windows Server vulnerability can grant system privileges with just a malformed packet — domain controllers are being exploited in the wild

… Microsoft has been in security news quite often recently, mostly thanks to its ongoing spat with security researcher Chaotic Eclipse aka Nightmare Eclipse , who published a heap of zero-days exploits after apparent negotiations with the company broke down. …

Jun 1, 2026 · Bruno Ferreira

tomshardware.com › tech-industry › cyber-security

Cyber Security News, Analysis and Features | Tom's Hardware

Cybersecurity Dirty Frag exploit gets root on most Linux machines since 2017, no patches available Cybersecurity College student hacks Taiwan high-speed rail line, stopping four trains Cybersecurity Security researcher says that Google is likely in violation of EU law and wasting thousands upon tho… …

May 8, 2026

tomshardware.com › software › linux

Linus Torvalds says flood of duplicate AI-generated vulnerability reports have made Linux security mailing list 'almost entirely unmanageable' — private list 'a waste of time for everybody involved' in switch to new public system

Linus Torvalds declared the Linux kernel's private security mailing list "almost entirely unmanageable" on Sunday in his weekly post to the Linux Kernel Mailing List LKML , blaming a flood of duplicate vulnerability reports generated by researchers running the same AI tools against the same code. …

May 18, 2026 · Luke James

tomshardware.com › tech-industry › cyber-security

Microsoft BitLocker-protected drives can now be opened with just some files on a USB stick — YellowKey zero-day exploit demonstrates an apparent backdoor

There's nothing more dangerous than a bored engineer with a screwdriver, and hell hath no fury like a security researcher scorned. …

May 13, 2026 · Bruno Ferreira

tomshardware.com › software › linux

AMD's legendary K5, its first independently-designed processor, is being removed from the Linux kernel — 4.3-million-transistor chip gets the axe because it lacks Time Stamp Counter (TSC) support, making it a coding burden

… However, machines packing these retired processors can still be used in fun projects where a fully up-to-date security -hardened internet-connected patched OS isn’t essential. …

May 10, 2026 · Mark Tyson

tomshardware.com › tech-industry › cyber-security

Microsoft's GitHub bans security researcher who posted zero-day Windows exploits because company 'ruined their life' — expert claims action is vindictive and promises further retaliation

… Regardless, the move to ban Eclipse's GitHub account makes for poor optics, as it is being heavily criticized, and ultimately achieves nothing for security, since the code is out there anyway. …

May 27, 2026 · Bruno Ferreira

tomshardware.com › pc-components

Researchers attack AMD's Infinity Fabric to bypass hardware security protections with 'Fabricked' — flaw lets malicious cloud hosts silently read confidential VM memory and forge attestation reports

… AMD SEV-SNP addresses this by creating hardware-isolated Confidential Virtual Machines, where memory is encrypted and access-controlled by a dedicated on-chip security processor called the PSP. …

May 19, 2026 · Etiido Uko

tomshardware.com › tech-industry

US closes loophole that allowed Chinese-owned subsidiaries located outside China to buy AI chips — report claims that hundreds of thousands of advanced AI chips have been acquired through BIS blind spot

… Bureau of Industry and Security , the federal agency in charge of enforcing export controls, just released updated guidance that prevents Chinese-owned subsidiaries from purchasing advanced AI chips, such as Nvidia GB200 and AMD MI350x chips. …

Jun 1, 2026 · Jowi Morales