3+ hour, 47+ min ago  (534+ words) In-the-wild exploitation has been ongoing for a year, but no successful payload execution has been observed. Hackers have been targeting a vulnerability in discontinued TP-Link routers for a year, so far failing to successfully exploit it, Palo Alto Networks reports....

2+ hour, 9+ min ago  (721+ words) The continued use of the half-century-old protocol exposes enterprises and end users to various types of attacks. Approximately 6 million internet-accessible systems are using FTP today, and almost half of them do not use encryption, a fresh Censys report shows. In…...

4+ day, 28+ min ago  (448+ words) Researchers found more than 80 high-impact cloud and AI vulnerabilities during the event, which had a $5 million prize pool. Microsoft has announced the results of its Zero Day Quest 2026 live hacking contest. The tech giant offered a $5 million prize pool, with…...

4+ day, 21+ hour ago  (562+ words) Hackers are exploiting CVE-2026-33032, a critical remote takeover vulnerability in the Nginx UI management tool." A critical Nginx UI vulnerability that allows attackers to take full control of servers has been exploited in the wild. Nginx UI (nginx-ui) is a…...

4+ day, 22+ hour ago  (789+ words) Researchers warn that a flaw in Anthropic's Model Context Protocol allows unsanitized commands to execute silently, enabling full system compromise across widely used AI environments. Model Context Protocol (MCP) has been a boon to agentic AI users and is widely…...

5+ day, 4+ hour ago  (459+ words) Industrial giants Siemens, Schneider Electric, Aveva, Rockwell Automation, ABB, Phoenix Contact, Mitsubishi Electric, and Moxa have published new ICS security advisories since the previous Patch Tuesday." Siemens has published nine new advisories since the previous Patch Tuesday." Vulnerabilities with a…...

3+ week, 10+ hour ago  (597+ words) The agency said Iranian hackers targeted the director's personal email account and noted that the compromised information is old. The FBI has confirmed that threat actors have gained access to an email account belonging to FBI Director Kash Patel, but…...

1+ week, 3+ day ago  (537+ words) RSAC researchers hacked Apple Intelligence using the Neural Exect method and Unicode manipulation. Researchers from RSAC have found a way to bypass the safety protocols of Apple's Intelligence AI with a high success rate. Apple Intelligence is a deeply integrated…...

1+ week, 3+ day ago  (585+ words) Tracked as UNC6783, the threat actor is likely linked to Mr. Raccoon, the hacker behind the alleged theft of Adobe data from a BPO. A financially motivated threat actor is targeting business process outsourcing (BPO) organizations to steal data pertaining to…...

1+ week, 4+ day ago  (33+ words) Reputable researcher Haifei Li has come across what appears to be a PDF designed to exploit an unpatched vulnerability. The post Adobe Reader Zero-Day Exploited for Months: Researcher appeared first on Security Week....