Infosecurity Europe: Mythos Outperforms GPT5.5 on Google Chrome Vulnerability Exploits, Says New Benchmark
A Bugcrowd researcher has unveiled ExploitBench, an independent benchmark of AI models for vulnerability exploitation
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
A Bugcrowd researcher has unveiled ExploitBench, an independent benchmark of AI models for vulnerability exploitation
Google Cloud report details a sharp rise in attackers exploiting software vulnerabilities, including React2Shell
A high severity vulnerability in Google Chrome and allows remote attackers to execute code
Google has released a Chrome security update to fix three zero-day vulnerabilities, including a high-severity flaw with an active exploit
The flaw, dubbed ‘GeminiJack,’ exploits the trust boundary between user-controlled content in data sources and the AI model’s instruction processing
Threat actors were exploiting vulnerable versions of Triofox after a patched version was released, said Google Cloud researchers
GTIG highlighted indicators that Clop is behind the extortion campaign targeting Oracle EBS instances, with its activity likely beginning as early as August 9
The hackers are likely trying to collect data to feed the development of zero-day exploits, said Google researchers
Forescout also observed a big rise in CVEs added to CISA’s KEV catalog, some of which impacted end-of-life products
Check Point research reveals cybercriminals are using Google Calendar and Drawings to send malicious links, bypassing traditional email security
ClickFix exploits fake error messages across multiple platforms, such as Google Meet and Zoom
Lazarus Group exploited Google Chrome zero-day, infecting systems with Manuscrypt malware
The LOTS attack uses trusted sites like Google Drawings and WhatsApp to trick users into sharing data
Zscaler also confirmed MadMxShell uses DLL sideloading and DNS tunneling for C2 communication
eSentire found the threat after detecting suspicious code in a manufacturing customer's network