The latest flare-up in the debate over AI-assisted coding did not come from a new model release or a benchmark result. It came from a single ...

Hackers are exploiting CVE-2026-5027, a high-severity path traversal issue in Langflow, for remote code execution.

GreatXML, a new Windows BitLocker bypass exploit, targets a zero-day vulnerability in Microsoft Defender’s offline scan.

Google says hackers used AI to help build a zero-day exploit targeting 2FA, raising concerns about AI-assisted hacking.

Piling on guardrails is the sign of a system permanently compensating for its own unreliability. There’s a better approach.

The Miasma credential-stealing attack framework, which has recently targeted open-source ecosystems through supply-chain ...

Six Proto6 flaws in protobuf.js enable RCE and DoS attacks; patched in versions 7.5.6 and 8.0.2 to protect Node.js services.

Calif researchers used Anthropic’s Mythos Preview to chain two bugs and techniques into a macOS kernel exploit on Apple M5 The exploit bypassed Apple’s new Memory Integrity Enforcement, achieving root ...

A logic inversion bug was recently found in Linux, caused by a single stray character.

As threat actors operationalize AI to accelerate attacks, they are also leveraging the wider global interest around AI itself as a social engineering lure. In recent months, Microsoft Threat ...

The CERT Division is a leader in cybersecurity. We partner with government, industry, law enforcement, and academia to improve the security and resilience of computer systems and networks. We study ...

There was an error while loading. Please reload this page.