How a USB-connected speaker can infect a PC without ever being touched

CTP allows devices connected via Bluetooth or USB to send commands to the speaker, such as changing LED colors and equalizer ...
The Hacker News

⚡ Weekly Recap: New Linux Flaw, PAN-OS Exploit, AI-Powered Attacks, OAuth Phishing and More

Your Monday cybersecurity recap covers the latest digital threats, exposed weaknesses, active attacks, and security stories ...

Scientists Find Way to Supercharge Dangerous Computer ‘Worms’ With A.I.

Researchers at the University of Toronto showed how hackers could use artificial intelligence to create a program that could ...
MIT Technology Review

The Meta hack shows there’s more to AI security than Mythos

Gong and other scholars have been issuing warnings about the security vulnerabilities of AI agents for a while. They publish ...
SecurityWeek

19-Year-Old Linux Kernel Vulnerability Exposes Systems to Root Access

Introduced in 2007, the CIFSwitch Linux kernel bug allows users to modify CIFS key description fields and gain root ...
The Hacker News

AI-Driven Exploitation is Destroying Vulnerability Management. Here’s How to Handle It.

AI shrinks exploitation windows to hours while median critical patching time rose to 43 days, increasing exposure risk.

New CIFSwitch Linux flaw gives root on multiple distributions

A newly discovered local privilege escalation vulnerability dubbed 'CIFSwitch' in the Linux kernel could allow attackers to forge CIFS authentication key descriptions, abuse the kernel's key request ...

Grand Theft Auto V cheat service gets hacked, exposing thousands of gamers

Hackers stole usernames, hashed passwords, and other data from a service that allowed players to cheat in Grand Theft Auto V.

Red Hat hit by npm supply‑chain attack - here's how to stay safe

Days after IBM and Red Hat announced a master security plan for open-source software, Red Hat suffers a major breach of its ...

Dozens of Red Hat packages backdoored through its official NPM channel

Official Red Hat NPM accounts have been compromised and used to push a malicious worm that spreads from machine to machine, ...

Security News This Week: Cybercrime Crew Claims It Hacked Mike Lindell’s MyPillow

Plus: A ransomware group is now stealing data in person, BusPatrol wants to hand its license plate surveillance data to the ...
Bleeping Computer

Red Hat npm packages compromised to steal developer credentials

More than 30 npm packages under Red Hat's '@redhat-cloud-services' namespace were compromised in a supply-chain attack that distributed a new variant of the Shai-Hulud credential-stealing malware, ...