60,000 WordPress sites at risk due to plugin security flaw

Hackers can now take over WordPress sites instantly using a simple plugin flaw ...
CSO Online

Another Microsoft Defender privilege escalation bug emerges days after patch

New PoC shows how Microsoft Defender can be tricked into rewriting malicious files into protected locations, enabling ...

Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face

Hackers are exploiting a critical vulnerability in Marimo reactive Python notebook to deploy a new variant of NKAbuse malware ...

Unpatched Microsoft Defender flaw lets hackers gain admin access

A security researcher has published a working exploit for a Microsoft Defender security flaw that affects Windows 10, 11, and ...
CSO Online

Claude uncovers a 13‑year‑old ActiveMQ RCE bug within minutes

The decade-old ActiveMQ flaw was uncovered and weaponized in minutes, showing AI’s exploit-building potential amid the Mythos ...

Trove of sensitive LAPD records leaked in data hack of city attorney’s office

Thousands of LAPD records, including officer personnel files and documents from Internal Affairs investigations, are among ...
SecurityWeek

Medusa Ransomware Fast to Exploit Vulnerabilities, Breached Systems

The Medusa ransomware group is operating at a fast pace by leveraging zero-days and quickly exploiting new bugs and breached ...

I knew about North Korean hackers—they still tricked me and got into my computer

A source reached out to me over Telegram. I didn’t realize his account was compromised until it was almost too late.
theblock

Drift says $280M exploit tied to 'sophisticated' admin takeover; ZachXBT criticizes Circle over USDC handling

Drift said Wednesday’s $280 million exploit stemmed from attackers obtaining multisig transaction approvals in advance, likely through social engineering. Onchain sleuth ZachXBT criticized stablecoin ...
NBC News

Trump admin. trying to ‘exploit tragedies for political purposes,’ says Sen. Chris Van Hollen

Sen. Chris Van Hollen (D-Md.) discusses what he views as threats to free speech following the brief suspension of late-night host Jimmy Kimmel and the Trump ...
Infosecurity-magazine.com

Hackers Exploit Critical Langflow Bug in Just 20 Hours

Threat actors have demonstrated just how quickly they operate today after exploiting a critical open source vulnerability within 20 hours, working only from the advisory description. The bug, CVE-2026 ...