Mythos autonomously exploited vulnerabilities that survived 27 years of human review. Security teams need a new detection playbook

Claude Mythos autonomously found zero-days in OpenBSD, FFmpeg, FreeBSD and major browsers that survived decades of expert ...
CSO Online

Hackers have been exploiting an unpatched Adobe Reader vulnerability for months

Now a security researcher says a Reader hole has been quietly exploited by malware for as long as four months, fingerprinting ...
Microsoft

Intent redirection vulnerability in third-party SDK exposed millions of Android wallets to potential risk

A severe Android intent‑redirection vulnerability in a widely deployed SDK exposed sensitive user data across millions of ...
College of Computing - Georgia Tech

Bad Vibes: AI-Generated Code is Vulnerable, Researchers Warn

Of the 74 confirmed cases uncovered so far by the tool, 14 are critical risks, and 25 are high. These vulnerabilities include ...

Intruder rolls out agentless container image scanning for cloud environments

Offered as part of Intruder’s existing platform and available to Intruder Cloud, Pro and Enterprise subscribers, Container ...
Network World

Cisco joins Anthropic’s multivendor effort to secure AI software

Anthropic’s Project Glasswing will bring together a group of vendors to help define how AI resources will be protected from ...
Dark Reading

Storm-1175 Deploys Medusa Ransomware at 'High Velocity'

Microsoft says the financially motivated cybercrime group has exploited N-day and zero-day vulnerabilities in campaigns ...

AI agent security startup Trent AI launches with $13M in funding

Trent AI Ltd., a London-based artificial intelligence security startup, launched today with $13 million in seed funding. LocalGlobe and Cambridge Innovation Capital led the investment. They were ...
Microsoft

Storm-1175 focuses gaze on vulnerable web-facing assets in high-tempo Medusa ransomware operations

The financially motivated cybercriminal threat actor Storm-1175 operates high-velocity ransomware campaigns that weaponize ...
SecurityWeek

Google DeepMind Researchers Map Web Attacks Against AI Agents

Threat actors can use malicious web content to set up AI Agent Traps and manipulate, deceive, and exploit visiting autonomous ...
The Next Web

Hackers breached the European Commission by poisoning the security tool it used to protect itself

CERT-EU attributed a 92 GB data breach at the European Commission to TeamPCP, which compromised the Trivy security scanner in ...
CSO Online

CERT-EU blames Trivy supply chain attack for Europa.eu data breach

The European Union’s Computer Emergency Response Team, CERT-EU, has traced last week’s theft of data from the Europa.eu ...