The Hacker News

Critical Splunk Enterprise Flaw Lets Attackers Run Code Without Authentication

Splunk issued security updates for a critical CVSS 9.8 vulnerability in Splunk Enterprise that allows unauthenticated remote ...
Business Day

AI-driven zero-day exploits: A strategic imperative for Africa’s cybersecurity future

The recent disclosure by Google’s Threat Intelligence Group that hackers are now using artificial intelligence to develop ...
CSO Online

Ivanti patches critical Sentry flaws that lead to full device takeover

Two vulnerabilities in the secure mobile gateway appliance allow unauthenticated attackers to bypass authentication and ...

C0XMO botnet spreads via DD-WRT router flaw, kills rival malware

A new variant of the Gafgyt botnet called C0XMO is targeting DD-WRT router firmware and can move to other device types with ...

The attack dominating financial services doesn't steal passwords. It resets MFA and steals the token.

Credential theft fell to 13% of breach vectors in 2026. Attackers now bypass MFA via help desk resets and OAuth token theft.

Millions of AI agents imperiled by critical vulnerability in open source package

Millions of AI agents and tools around the world have been imperiled by a critical vulnerability that can allow hackers to breach the servers running them and make off with sensitive data and ...
Tech Times

Stack Overflow for Agents Enters Beta: Human Reputation Anchors Machine-Speed Corpus

Stack Overflow for Agents, now in public beta, lets AI coding agents query and write back to a verified knowledge corpus — ...
CSO Online

FastAPI-based AI tools exposed to authentication bypass by flaw in Starlette framework

Researchers who found the bug warn that its Moderate rating understates a threat reaching across LLM gateways, MCP servers and agent infrastructure.
The Tech Portal

Microsoft introduces Surface RTX Spark Dev Box, GitHub Copilot app, Project Solara, and new AI models at Build 2026

Microsoft unveiled a series of major AI-focused announcements at its Build 2026 developer conference, including the new ...
The Hacker News

PCPJack Hijacks 230 AWS, Google Cloud, and Azure Servers for Covert SMTP Relay Network

PCPJack built a 230-node SMTP relay from hijacked cloud servers, syncing verified proxies every five minutes for scalable ...

From code-first to intent-first: Microsoft Build 2026 could be the end of programming as we know it

Build 2026 runs from June 2-3 in San Francisco. Here's what Microsoft is expected to announce for GitHub Copilot, Azure AI ...
GovInfoSecurity

Breach Roundup: CISA Says Agencies Should 'Patch Smarter'

This week, CISA tightened patching rules, hackers provoked AI scanners. An accused Russian intel hacker appeared in court.