DOJ says Trenchant boss sold exploits to Russian broker capable of accessing ‘millions of computers and devices’

The former boss of the L3Harris-owned hacking and surveillance tools maker Trenchant faces nine years in prison for selling ...
WinBuzzer

Microsoft Patches High-Severity Notepad Remote Code Execution Flaw

Microsoft has patched the Windows Notepad remote code execution vulnerability CVE-2026-20841, warning users to install ...
Infosecurity Magazine

New Hacking Campaign Exploits Microsoft Windows WinRAR Vulnerability

A hacking campaign took just days to exploit a newly disclosed security vulnerability in Microsoft Windows version of WinRAR, ...
The Hacker News

China-Linked Amaranth-Dragon Exploits WinRAR Flaw in Espionage Campaigns

China-linked Amaranth-Dragon and Mustang Panda target Southeast Asian governments using WinRAR exploit and PlugX phishing ...

The Double-Edged Sword of Non-Human Identities

Leaked non-human identities like API keys and tokens are becoming a major breach driver in cloud environments. Flare shows ...
GitHub

FortiWeb Remote Code Execution (RCE) Exploit via CVE-2025-64446 + CVE-2025-58034 Chain

An authenticated attacker (using the account created in step 1) can execute arbitrary OS commands as root via crafted HTTP requests. By combining these two vulnerabilities, an attacker can go from ...
The Hacker News

When Your Browser Becomes The Attacker: AI Browser Exploits

AI browsers can be hijacked through prompt injection, turning assistants into insider threats. Learn how these exploits work & how to protect data.
dlnews

A16z Crypto wants DeFi to ditch ‘code is law’ for ‘spec is law’ to combat $649m exploit problem

DeFi protocols must adopt a more principled approach to security to mature. They could use standardised specifications that constrain what a protocol is allowed to do. Many protocols are already ...
The New York Times

Trump Regrets Not Seizing Voting Machines After 2020 Election

In an interview, the president said he should have ordered the National Guard to take the machines to find evidence of fraud, but added that the Guard might not have had the sophistication to do so.
ClutchPoints

Spurs’ Jeremy Sochan exploits Victor Wembanyama cheat code for easy bucket

Jeremy Sochan’s night stayed quiet on the stat sheet, but his impact showed in feel and timing. He scored six points in 11 minutes off the bench and delivered the lone assist to Wembanyama. More ...