The Hacker News

Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week

Attackers are exploiting three Fortinet FortiSandbox flaws, including one patched last week, risking auth bypass and command ...
SecurityWeek

Microsoft Working on Patch for ‘RoguePlanet’ Zero-Day

Microsoft has acknowledged the RoguePlanet zero-day exploit and is working on a high-quality patch to resolve the ...

Critical Copilot vulnerability allowed hackers to steal 2FA code from users

Last Tuesday, Microsoft patched a vulnerability it rated as max critical in its M365 Copilot AI platform. On Monday, the ...

Microsoft Copilot vulnerability could allow attackers to exfiltrate 2FA codes and enterprise data

Security researchers identify "SearchLeak" vulnerability in Microsoft Copilot that allows attackers to exfiltrate 2FA codes ...
The Hacker News

Microsoft Confirms RoguePlanet Defender Zero-Day, Says Patch is in Development

Microsoft is preparing a patch for RoguePlanet, a Defender flaw tracked as CVE-2026-50656 that can enable privilege ...

Attacks on FortiSandbox vulnerabilities

Vulnerabilities in FortiSandbox are currently targeted by internet attacks. Patches to secure them have been available since ...
Rutland Herald

Azul Addresses the Java Runtime Security Blind Spot Autonomous AI Can Now Exploit

Azul, the trusted leader in enterprise Java for today’s AI and cloud-first world, today launched a free JVM vulnerability ...
Windows Report

Microsoft Fixes Critical Copilot SearchLeak Vulnerability That Could Expose Emails and Files

Microsoft has fixed the critical SearchLeak vulnerability in Microsoft 365 Copilot Enterprise that could expose emails, files ...
SecurityWeek

‘GreatXML’ Zero-Day Exploit Bypasses BitLocker

GreatXML, a new Windows BitLocker bypass exploit, targets a zero-day vulnerability in Microsoft Defender’s offline scan.
Security

Verizon’s 2025 DBIR Reveals Vulnerability Exploits Are Driving a Surge in Data Breaches

Verizon Business released its 2025 Data Breach Investigations Report (DBIR), which reveals a significant increase in cyberattacks. The report found that third-party involvement in breaches has doubled ...

Anthropic Research Shows Mythos Model Built Working Exploits For Newly Disclosed Software Flaws In Hours

New research shows that the time required to convert flaws into working exploits has narrowed significantly with Anthropic's ...
Infosecurity-magazine.com

Vulnerability Exploit Assessment Tool EPSS Exposed to Adversarial Attack

In a new proof-of-concept, endpoint security provider Morphisec showed that the Exploit Prediction Scoring System (EPSS), one of the most widely used frameworks for assessing vulnerability exploits, ...