Researchers Build Self-Replicating AI Worm That Operates Entirely on Local, Open-Weight Models
University of Toronto researchers have built and tested a proof-of-concept AI-driven computer worm that uses a locally hosted open-weight large...
researchers
One-Character Linux Kernel Flaw Enables Local Root Access, Exploits Now Public
Swati KhandelwalJun 08, 2026Linux / Vulnerability Security researchers have published a detailed, working exploit for a Linux kernel use-after-free that...
UNC3753 Used Vishing and Physical Intrusions in U.S. Data Theft Extortion Campaign
Cybersecurity researchers have disclosed details of a financially motivated data theft extortion campaign that has targeted dozens of organizations across...
New Threat Cluster OP-512 Targets Microsoft IIS Servers with Custom Web Shell Framework
Ravie LakshmananJun 05, 2026Cyber Espionage / Threat Intelligence Cybersecurity researchers have discovered a previously unreported threat cluster dubbed OP-512 (where...
FIFA World Cup 2026 Scams Are Already Live: Fake Sites, Banking Malware, and Stolen Logins
Security researchers and the FBI are warning that a wave of FIFA-themed fraud is already hitting World Cup 2026 fans,...
FlutterShell Backdoor Spreads to macOS via Malicious Google and YouTube Ads
Ravie LakshmananJun 04, 2026Malvertising / Browser Security Cybersecurity researchers have shed light on a macOS malvertising campaign codenamed Operation FlutterBridge...
Fake Sites Mimicking Open-Source Tools Rank High on Google to Deliver Malware via TDS
Swati KhandelwalJun 04, 2026Malware / Open Source Cybersecurity researchers have flagged a large-scale operation that impersonates open-source and freeware projects...
Google DoubleClick Abused in New Malspam Campaign to Deliver DesckVB RAT
Ravie LakshmananJun 03, 2026Malware / Microsoft Defender Cybersecurity researchers have flagged a new malspam campaign that makes use of Google's...
One-Click GitHub Dev Attack Lets Attackers Steal Full GitHub OAuth Tokens
Ravie LakshmananJun 03, 2026Vulnerability / Software Development Cybersecurity researchers have disclosed a one-click attack via Microsoft Visual Studio Code (VS...
Unpatched Windows Search URI Vulnerability Lets Attackers Steal NTLMv2 Hashes
Ravie LakshmananJun 03, 2026Vulnerability / Network Security Cybersecurity researchers have disclosed details of an unpatched issue that could be exploited...
New HTTP/2 Bomb Vulnerability Allows Remote DoS on NGINX, Apache, IIS, Envoy & Cloudflare
Ravie LakshmananJun 03, 2026Vulnerability / Server Security Cybersecurity researchers have discovered a remote denial-of-service exploit that affects major web servers,...
Weedhack Attacks Minecraft Users, CountLoader Hits 86K, Miners Spread via Pirated Content
Cybersecurity researchers have flagged a new campaign targeting Minecraft players via YouTube to spread malware capable of gaining control of...
Pakistan-Linked SideCopy Targets Afghanistan Finance Ministry with Xeno RAT
Ravie LakshmananJun 02, 2026Cyber Espionage / Threat Intelligence Cybersecurity researchers have disclosed details of a spear-phishing campaign likely undertaken by...
Pwn2Own Berlin 2026: On the Ground With TrendAI™ ZDI’s Biggest AI Showdown Yet
In Pwn2Own Berlin, researchers found 47 unique zero-days across ten target categories, with payouts totaling US$1,298,250, a new event record....
OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack
Cybersecurity researchers have disclosed details of a new malicious supply chain campaign that's targeting developers using OpenAI Codex through a...
