CVE-2026-48907 in the Joomla JCE plugin lets unauthenticated attackers drop PHP web shells with a single crafted request.

Attackers are exploiting three Fortinet FortiSandbox flaws, including one patched last week, risking auth bypass and command ...

Cybercriminals created a zero-day exploit with AI, the first example of artificial intelligence finding and hacking software for an illicit enterprise, the tech giant says in a new report.

The Zero Day Initiative is offering a $1 million reward to security researchers who will demonstrate a zero-click WhatsApp exploit at its upcoming Pwn2Own Ireland 2025 hacking contest. The record ...

AI-powered agents achieved penetration-test success rates of up to 69.3% across 300 controlled servers, showing that parts of ...

A new vulnerability in file archiving software WinRAR has come to light that can potentially install backdoor malware on Windows PCs. The zero-day vulnerability was discovered by security researchers ...

Security researchers have uncovered a series of cyberattacks targeting Apple customers across the world. The tools used in these hacking campaigns have been dubbed Coruna and DarkSword, and they have ...

This voice experience is generated by AI. Learn more. This voice experience is generated by AI. Learn more. Windows 11 zero-day exploits surge at Pwn2Own hacking event. It has not been a great week ...

Three recently patched Fortinet FortiSandbox vulnerabilities are being targeted in the wild, according to exploit ...

AI agent exploited Salesforce sites; 263 objects, 55 Apex methods exposed at one portal, leading to PII and file leaks.

Last week, cybersecurity researchers uncovered a hacking campaign targeting iPhone users that used an advanced hacking tool called DarkSword. Now, someone has leaked a newer version of DarkSword and ...

TL;DR: GreyNoise uncovered the AyySSHush botnet infecting over 8,000 hosts, mainly ASUS routers, exploiting known bypass bugs to gain persistent SSH backdoor access that survives firmware updates.