Microsoft

Storm-1175 focuses gaze on vulnerable web-facing assets in high-tempo Medusa ransomware operations

The financially motivated cybercriminal threat actor Storm-1175 operates high-velocity ransomware campaigns that weaponize ...
SecurityWeek

Google DeepMind Researchers Map Web Attacks Against AI Agents

Threat actors can use malicious web content to set up AI Agent Traps and manipulate, deceive, and exploit visiting autonomous ...
CSO Online

6 ways attackers abuse AI services to hack your business

As enterprises rely more heavily on AI technologies and services, attackers’ living-off-the-land techniques have evolved to ...

New Password Stealer Bypasses 2FA—Chrome, Edge And Firefox Targeted

This new Storm attack platform can exfiltrate passwords and session data, enabling 2FA bypass. Google Chrome, Microsoft Edge ...
Android Authority

Qualcomm responds to GBL exploit used on latest Snapdragon flagships

Qualcomm confirmed that fixes for the GBL exploit were provided to Android device makers earlier this month. The exploit, discovered by Xiaomi ShadowBlade Security Lab, was a key component in ...
Android Authority

New Qualcomm exploit chain brings bootloader unlocking freedom to Android flagships (Updated: Statement)

A vulnerability in Qualcomm’s Android Bootloader implementation allows unsigned code to run via the “efisp” partition on Android 16 devices. This is paired with a “fastboot” command oversight to ...
Android

Qualcomm GBL Exploit Reportedly Enables Bootloader Unlocking on Flagships

A new Qualcomm GBL exploit is reportedly affecting Qualcomm SoCs, mainly the latest Snapdragon 8 Elite Gen 5. This enables bootloader unlocking on flagship phones that were previously difficult to ...
TechSpot

Hackers are selling a critical Windows zero-day exploit for $220,000 on the dark web

The big picture: A cybercriminal is reportedly selling a Windows zero-day exploit on the dark web for $220,000. The vulnerability, which targets Windows Remote Desktop Services, could allow an ...
TechCrunch

A suite of government hacking tools targeting iPhones is now being used by cybercriminals

Security researchers have identified a suite of powerful hacking tools capable of compromising iPhones running older software that they say has passed from a government customer into the hands of ...
9to5Mac

Google and iVerify reveal government-grade iPhone exploit kit spreading to hackers

Google’s Threat Intelligence Group and security company iVerify have shared details about Coruna, an exploit kit that chains multiple vulnerabilities to target iPhones running older iOS versions. Here ...
CoinDesk

How AI is helping retail traders exploit prediction market 'glitches' to make easy money

A fully automated trading bot executed 8,894 trades on short-term crypto prediction contracts and reportedly generated nearly $150,000 without human intervention. The strategy, described in a recent ...
CoinDesk

Specialized AI detects 92% of real-world DeFi exploits

A purpose-built AI security agent detected vulnerabilities in 92% of exploited DeFi smart contracts in a new open-source benchmark. The study, released Thursday by AI security firm Cecuro, evaluated ...