Lessons From AI Hacking: Every Model, Every Layer Is Risky
After two years of finding flaws in AI infrastructure, two Wiz researchers advise security pros to worry less about prompt injection and more about vulnerabilities.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
After two years of finding flaws in AI infrastructure, two Wiz researchers advise security pros to worry less about prompt injection and more about vulnerabilities.
Researchers at Check Point link ‘Amarath-Dragon’ attacks to prolific Chinese cyber-espionage operation
Security researchers exploited dozens of vulnerabilities in vehicle infotainment systems and EV chargers during the latest Pwn2Own contest at Automotive World 2026.
The Zeroday Cloud hacking competition in London has awarded researchers $320,000 for demonstrating critical remote code execution vulnerabilities in components used in cloud infrastructure. [...]
Flaw Enabled Remote Code Execution, Say AWS ResearchersResearchers from AWS said they spotted a hacking campaign taking advantage of a zero-day vulnerability in Cisco network access control software before the routing giant patched it earlier this year. The flaw let attackers perform pre-authentication remote code execution.
QNAP has fixed seven zero-day vulnerabilities that security researchers exploited to hack QNAP network-attached storage (NAS) devices during the Pwn2Own Ireland 2025 competition. [...]
Chinese Hackers Target European Diplomats with LNK File FlawChinese nation-state hackers are exploiting a Windows vulnerability to hack European diplomatic outposts, say security researchers - but operating system giant Microsoft says the flaw doesn't merit a patch. Hackers used a flaw already compromised by North Korea and Russia.
The Pwn2Own Ireland 2025 hacking competition has ended with security researchers collecting $1,024,750 in cash awards after exploiting 73 zero-day vulnerabilities. [...]
Security researchers collected $792,750 in cash after exploiting 56 unique zero-day vulnerabilities during the second day of the Pwn2Own Ireland 2025 hacking competition. [...]
Researchers have released a report detailing how a recent WinRAR path traversal vulnerability tracked as CVE-2025-8088 was exploited in zero-day attacks by the Russian 'RomCom' hacking group to drop different malware payloads. [...]
AI Tools Can Steal Crypto Autonomously, Even From Audited CodeArmed with just a smart contract address, researchers developed an autonomous artificial intelligence tool that can scan for vulnerabilities, write working exploits in the Solidity blockchain programming language and siphon funds. "It behaves more like a human hacker," said its co-creator.
But Hacking Groups of All Stripes Now Have Access to Exploit Code, Researchers WarnMicrosoft said an attack campaign targeting zero-day vulnerabilities in on-premises SharePoint servers appears to have begun by July 7, tied to three Chinese hack groups. With proof-of-concept exploit code now in the wild, security experts said hackers of all stripes have joined the fray.
Cybersecurity researchers have discovered a new hacking technique that exploits weaknesses in the eSIM technology used in modern smartphones, exposing users to severe risks
AI Models Mostly Fail in Full Track of Vulnerability Research to ExploitThe rise of code-illiterate but AI-enabled script kiddies able to wreak havoc by weaponizing software vulnerabilities into automated exploits, thanks to expert-level assistance from large language models, remains but a future possibility, based on exploit-writing tests of 50 LLMs.
Researchers Uncover Critical Flaws Enable Remote Device TakeoverA ubiquitous industrial power monitoring device contains three critical vulnerabilities in its firmware that could allow attackers to disrupt operations by remotely crashing them or executing unwanted code. The device is the Rockwell Automation PowerMonitor 1000 Remote.
The Pwn2Own Berlin 2025 hacking competition has concluded, with security researchers earning $1,078,750 after exploiting 29 zero-day vulnerabilities and encountering some bug collisions. [...]
Researchers Uncover Bugs in Apple’s AirPlay, Risking Takeover of Smart DevicesVulnerabilities in wireless streaming protocol AirPlay could expose Apple operating system devices to remote code execution by enabling attackers to infiltrate networks through trusted connections. The flaws are in the software development kit used by third-party manufacturers.
In what's an instance of hacking the hackers, threat hunters have managed to infiltrate the online infrastructure associated with a ransomware group called BlackLock, uncovering crucial information about their modus operandi in the process. Resecurity said it identified a security vulnerability in the data leak site (DLS) operated by the e-crime group that made it possible to extract
Flaws in Solar Inverters Threaten Power Grid StabilityResearchers from Forescout's Vedere Labs detected security shortcomings in the world’s leading solar inverters that could enable hackers to hijack solar energy production and destabilize power grids. Flaws include unauthorized remote access, insecure authentication and remote code execution.
Telecoms Still Falling to Chinese Nation-State Hacking Group, Researchers WarnA Chinese cyber espionage group tracked as Salt Typhoon and tied to the mass hacking of telecommunications networks in the U.S. and dozens of other countries has been continuing to seek and hack unpatched equipment, including exploiting two long-patched vulnerabilities in Cisco gear.