Acer working to patch max severity zero-days in Wave 7 routers
Acer is working to address two maximum-severity zero-day vulnerabilities affecting its Wave 7 mesh routers. [...]
Acer is working to address two maximum-severity zero-day vulnerabilities affecting its Wave 7 mesh routers. [...]
Uma vulnerabilidade de alta severidade em roteadores TP-Link pode permitir que invasores executem comandos arbitrários no sistema e comprometam dispositivos afetados. A falha é rastreada como CVE-2026-5509 e recebeu pontuação CVSS 8,5. O problema afeta os modelos Archer BE450 v1 …
Assume the breach. Zero-days keep shipping, AI is writing exploits faster than anyone patches, and "patch everything in time" stopped working years ago. Stop betting the org on winning that race. You don't control which bug lands. You control what it can reach once it does. That…
Alcasec, the "Robin Hood of Spanish Hackers," is jailed for 31 months after admitting to stealing and selling Spanish citizens' banking data.
Uma vulnerabilidade no Claude Code GitHub Actions poderia permitir que invasores externos comprometessem repositórios que usam o workflow oficial da Anthropic em pipelines de CI/CD. A falha foi corrigida na versão 1.0.94 e recebeu pontuação CVSS 7.8. O problema estava na função c…
Aura médica em tempos de IA. The post “Pacientes auditando o juízo médico? LLMs alfabetizando usuários em saúde?” appeared first on Saúde Business.
Cybersecurity researchers have disclosed details of an unpatched issue that could be exploited to disclose a user's NTLMv2 hash to the attacker. Like in the case of CVE-2026-33829, which impacted the Windows Snipping Tool's ms-screensketch: URI handler, the newly flagged issue r…
European and international law enforcement agencies have dismantled nine organized crime groups and arrested 29 suspects in a major crackdown on illegal streaming operations. [...]
A threat actor got a near-continuous view into an influential finance executive's email inbox, thanks to clever use of legitimate, native Windows tools.
Google is introducing a new Android security feature that will detect and flag phone calls in which scammers use artificial intelligence to impersonate a user's personal contacts. [...]
Cybersecurity researchers have discovered a remote denial-of-service exploit that affects major web servers, including NGINX, Apache HTTPD, Microsoft IIS, Envoy, and Cloudflare Pingora. The vulnerability has been codenamed HTTP/2 Bomb by Calif. "The vulnerable behavior exists i…
A security researcher has released exploit code for a Visual Studio Code (VS Code) zero-day vulnerability that allows attackers to steal GitHub authentication tokens by tricking users into clicking a link. [...]
Cybersecurity researchers have flagged a new campaign targeting Minecraft players via YouTube to spread malware capable of gaining control of victims' systems. The Minecraft-focused malware-as-a-service (MaaS) campaign has been codenamed Weedhack by McAfee Labs, stating the acti…
Analistas da SophosLabs identificaram ataques do ransomware WantToCry que exploram o serviço Server Message Block (SMB) exposto à internet com autenticação fraca, permitindo que invasores exfiltrem arquivos para infraestrutura criminosa, criptografem remotamente e regravem os dad…
A Agência de Segurança Cibernética e de Infraestrutura dos Estados Unidos (CISA) adicionou uma vulnerabilidade crítica do servidor de aplicações Java Oracle WebLogic ao seu catálogo de falhas exploradas ativamente, conforme informou ontem o jornalista Eduard Kovacs em uma reporta…
Microsoft announced today at its Build 2026 developer conference the release of Coreutils for Windows, bringing many commonly used Linux command-line utilities to Windows as native applications. [...]
OpenAI says it's rolling out a new update that improves the existing GPT-5.5 Instant model, and this move comes ahead of the scheduled retirement of multiple legacy models, including o3. [...]
Hackers are exploiting a critical privilege escalation vulnerability (CVE-2026-8206) in the Kirki plugin for WordPress to take over any user account, including those belonging to administrators. [...]
A large-scale malware campaign dubbed WeedHack is targeting Minecraft players and has infected more than 116,000 systems since January. [...]
A large-scale malware campaign dubbed WeedHack is targeting Minecraft players and has infected more than 116,000 systems since January. [...]