Ars Technica

Two Windows vulnerabilities, one a 0-day, are under active exploitation

The final payload is a widely used remote access trojan known as PlugX. To better conceal the malware, the exploit keeps the binary file encrypted in the RC4 format until the final step in the attack.

AI browsers are here, and they're already being hacked

AI-infused web browsers are here and they’re one of the hottest products in Silicon Valley. But there’s a catch: Experts and ...

CISA: High-severity Linux flaw now exploited by ransomware gangs

CISA confirmed on Thursday that a high-severity privilege escalation flaw in the Linux kernel is now being exploited in ...
CSO Online

Claude AI vulnerability exposes enterprise data through code interpreter exploit

Security researcher demonstrates how attackers can hijack Anthropic’s file upload API to exfiltrate sensitive information, ...