Hackaday

This Week In Security: State Malware, State Hardware Bans, And Stuxnet Before Stuxnet Was Cool

Making headlines everywhere is the CopyFail Linux kernel vulnerability, which allows local privilege escalation (LPE) from any user to root privileges on most kernels and distributions. Local ...

Critical vulnerability in Ruby's standard library ERB:attackers can execute code

The Ruby vulnerability is not easy to exploit, but allows an attacker to read sensitive data, start code, and install ...

Contrast Security integrates ADR with Google Security Operations for runtime app visibility in the SOC

Contrast Security integrates ADR with Google Security Operations for runtime app visibility in the SOC - SiliconANGLE ...

Contrast Security Announces Runtime ADR Integration with Google Security Operations

Contrast Security today announced a new integration between Contrast Application Detection and Response (ADR) and Google ...
PC World

Unpatched Microsoft Defender flaw lets hackers gain admin access

PCWorld reports on the ‘RedSun’ vulnerability in Microsoft Defender affecting Windows 10, 11, and Server systems that allows attackers to gain administrative privileges. Security researcher Chaotic ...
MacRumors

Here's How Researchers Stole $10,000 From MKBHD's Locked iPhone

An iPhone exploit that involves a linked Visa card can allow attackers to steal money from a locked device using NFC, but the process is complex, requiring physical access and specialized hardware.
Wall Street Journal

AI Is Finding Bugs That Hackers Can Exploit. Get Ready for Bugmageddon.

The software bug was capable of crashing an operating system used by firewalls, servers and network appliances. It went undetected for over 27 years. Last month, it was caught by Mythos, the latest AI ...
Dark Reading

'BlueHammer' Windows Zero-Day Exploit Signals Microsoft Bug Disclosure Issues

The leak online of exploit code for an apparent Windows zero-day flaw dubbed "BlueHammer" could be the sign of a larger issue that security researchers face when collaborating with Microsoft on ...
Forbes

Angry Hacker Drops Microsoft Zero-Day Exploit, 1 Billion Users Warned

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. This voice experience is generated by AI. Learn more. This ...
TechRepublic

‘BlueHammer’ Exploit Targets Windows, Potentially Impacting 1 Billion+ Devices

A researcher released a working ‘BlueHammer’ Windows zero-day exploit that could impact over 1 billion devices, granting SYSTEM-level access and leaving no patch yet. A disgruntled security researcher ...
PC World

Security expert publishes Windows exploit after Microsoft went silent

PCWorld reports on the ‘BlueHammer’ zero-day vulnerability that allows attackers to potentially take over Windows computers through privilege escalation. A frustrated security researcher published the ...
New York Post

Google issues 2nd security warning in days over Chrome browser attacks

It’s a case of search-engine failure. Google has issued a security alert to Chrome users after confirming that cybercriminals had exploited a vulnerable system, marking the second such advisory in ...