AI Can Find Bugs, But Human Knowledge Still Proves Them
New Spirals ransomware encrypts victim network in under 24 hours
Unpatched Shark Vacuum Flaw Could Let Attackers Control Other Vacuums Region-Wide
A researcher publishing under the handle tokay0 put the method online on Monday, having tested it only against vacuums he
F5 Patches Multiple NGINX, BIG-IP Vulnerabilities
Attackers could exploit the bugs to modify configurations, terminate or restart processes, cross security boundaries, leak memory, and execute code.
The post F5 Patches Multiple NGINX, BIG-IP Vulnerabilities appeared first on SecurityWeek.
China’s Top Cybersecurity Firms Hit by Mounting Military Procurement Bans
Chinese cybersecurity firms are facing action from the country’s military, but it’s not due to product or technical failures.
The post China’s Top Cybersecurity Firms Hit by Mounting Military Procurement Bans appeared first on SecurityWeek.
OpenAI’s GPT-Red Automates Prompt Injection Testing to Harden GPT-5.6 Sol
“GPT‑Red is a strong red-teamer, and our previous models are highly vulnerable to its prompt injection attacks,” the artificial intelligence (AI) company said. “We use GPT‑Red to adversarially train
Old UEFI Shims Expose Systems to Secure Boot Bypass
Signed by Microsoft, the vulnerable UEFI shim bootloaders could be abused on any system, regardless of the OS.
The post Old UEFI Shims Expose Systems to Secure Boot Bypass appeared first on SecurityWeek.
Zoom Patches Critical Windows Flaw That Could Enable Account Takeover
The vulnerability, tracked as CVE-2026-53412 (CVSS score: 9.8), affects Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows.
“Improper Input Validation in Zoom Desktop Client for Windows, Zoom VDI Client for
Nightmare Eclipse Drops ‘LegacyHive’ Windows Zero-Day
The researcher stripped the proof-of-concept (PoC) exploit to prevent immediate exploitation of the vulnerability.
The post Nightmare Eclipse Drops ‘LegacyHive’ Windows Zero-Day appeared first on SecurityWeek.
