CoinDesk

KelpDAO hackers are laundering millions in stolen crypto, data show

KelpDAO hackers are moving $290M in stolen crypto across blockchains, using privacy tools to mask the trail as DeFi contagion ...

Microsoft Defender Flaws Exploited on Windows, Two Left Unpatched

Although the team with Microsoft moved swiftly to patch the BlueHammer vulnerability, other exploits still threaten Microsoft ...
The Hacker News

Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain

The cybersecurity company said the systemic vulnerability is baked into Anthropic's official MCP software development kit ...
CoinDesk

A $300 million borrowing spike on Aave signals liquidity crunch after KelpDAO exploit

The aftershocks of the Saturday's KelpDAO hack are spreading through stablecoin markets in ways that were not immediately ...
CSO Online

Critical sandbox bypass fixed in popular Thymeleaf Java template engine

The 9.1-CVSS vulnerability enables attackers to circumvent RCE protections in the de facto template engine for the Java ...

CISA flags Apache ActiveMQ flaw as actively exploited in attacks

CISA warned that attackers are now exploiting a high-severity Apache ActiveMQ vulnerability, which was patched earlier this ...

Microsoft patched a Copilot Studio prompt injection. The data exfiltrated anyway.

Microsoft assigned CVE-2026-21520 to a Copilot Studio prompt injection vulnerability and patched it in January — but in ...
CRN

Microsoft Discloses ‘Monstrous’ Number Of Bugs As AI Discoveries Surge: Researcher

The unusually large number of CVEs (Common Vulnerabilities and Exposures) disclosed by Microsoft Tuesday is “likely” to be ...
CSO Online

Claude uncovers a 13‑year‑old ActiveMQ RCE bug within minutes

The decade-old ActiveMQ flaw was uncovered and weaponized in minutes, showing AI’s exploit-building potential amid the Mythos ...

13-year-old bug in ActiveMQ lets hackers remotely execute commands

Security researchers discovered a remote code execution (RCE) vulnerability in Apache ActiveMQ Classic that has gone ...
New York Post

Google issues 2nd security warning in days over Chrome browser attacks

It’s a case of search-engine failure. Google has issued a security alert to Chrome users after confirming that cybercriminals had exploited a vulnerable system, marking the second such advisory in ...
GitHub

POOPS PS5 Autoloader - BD-J Kernel Exploit & ELF Autoloader

It's Poops-PS5-Java chained with 'ps5_autoloader.elf' For implemented ISO, go check BD-UN-JB-Poops-Autoloader. 'Poops.java' is complete Java port of the poops_ps5.lua IPv6 UAF kernel exploit ...