The Hacker News

Google Patches Antigravity IDE Flaw Enabling Prompt Injection Code Execution

Cybersecurity researchers have discovered a vulnerability in Google's agentic integrated development environment (IDE), Antigravity, that could be exploited to achieve code execution. The flaw, since ...
TechCrunch

Hackers are abusing unpatched Windows security flaws to hack into organizations

Hackers have broken into at least one organization using Windows vulnerabilities published online by a disgruntled security researcher over the last two weeks, according to a cybersecurity firm. On ...
Bleeping Computer

New Microsoft Defender “RedSun” zero-day PoC grants SYSTEM privileges

A researcher known as "Chaotic Eclipse" has published a proof-of-concept exploit for a second Microsoft Defender zero-day, dubbed "RedSun," in the past two weeks, protesting how the company works with ...
PC World

Unpatched Microsoft Defender flaw lets hackers gain admin access

PCWorld reports on the ‘RedSun’ vulnerability in Microsoft Defender affecting Windows 10, 11, and Server systems that allows attackers to gain administrative privileges. Security researcher Chaotic ...
GitHub

AI-Powered Vulnerability Scanner & Auto-Exploit Engine

VulnForge is an offensive security tool that combines traditional vulnerability scanning with AI-powered analysis, exploit validation, and automatic exploit generation. It performs reconnaissance, ...
Hosted on MSN

They shut down the engine exploit after safety concerns emerged

A subtle engine workaround used during qualifying has been officially restricted after drawing attention across the grid. The technique allowed teams to briefly maximize power output in a way that ...
MacRumors

Here's How Researchers Stole $10,000 From MKBHD's Locked iPhone

An iPhone exploit that involves a linked Visa card can allow attackers to steal money from a locked device using NFC, but the process is complex, requiring physical access and specialized hardware.
Fox Business

FBI offers urgent guidance on securing home routers after disrupting Russian intelligence hacking network

Foreign hackers are looking to exploit vulnerabilities in Americans' internet routers, and the FBI is offering tips for securing your home or office routers after it announced actions it took to crack ...
NPR

Tips to protect your home internet network after a Russian router hack

Can you name every device in your home that connects to the internet? Computers, smartphones, of course, but also think TVs, smart speakers, doorbell cameras, your thermostat, maybe your fridge, my ...
TechCrunch

Adobe fixes PDF zero-day security bug that hackers have exploited for months

Adobe has patched a vulnerability in its flagship document-reading apps, Acrobat DC, Reader DC and Acrobat 2024, that hackers have been actively exploiting for at least four months. The vulnerability, ...
Reuters

AI-boosted hacks with Anthropic’s Mythos could have dire consequences for banks

Experts warn Mythos could expose legacy banking systems to unprecedented cyber risks Mythos identified thousands of critical vulnerabilities, prompting calls for new security strategies Cloud Security ...
GitHub

bespoke tooling for offensive security's Windows Usermode Exploit Dev course (OSED)

usage: egghunter.py [-h] [-t TAG] [-b BAD_CHARS [BAD_CHARS ...]] [-s] Creates an egghunter compatible with the OSED lab VM optional arguments: -h, --help show this help message and exit -t TAG, --tag ...