Google reported the first observed AI-assisted zero-day exploit, raising new concerns about Mythos, OpenAI cyber models, and AI security risks.

The Fortra FileCatalyst Workflow is vulnerable to an SQL injection vulnerability that could allow remote unauthenticated attackers to create rogue admin users and manipulate data on the application database. FileCatalyst Workflow is a web-based file ...

Security researchers have found a chain of exploits that allows the bootloader of the Chromecast with Google TV (HD) to be unlocked. Worryingly, this exploit chain allows the device to report a “secure” state to Android, meaning that potentially ...

A security researcher frustrated with Microsoft has released the BlueHammer Windows zero-day exploit, telling the company, “I'm not explaining how this works.”

Update 4/16/24: Updated story with more information on how previous mitigations do not protect devices. Exploit code is now available for a maximum severity and actively exploited vulnerability in Palo Alto Networks' PAN-OS firewall software. Tracked as ...

WinRAR doesn’t have an auto-update feature, but you’ll want to go ahead and patch it right now. WinRAR doesn’t have an auto-update feature, but you’ll want to go ahead and patch it right now. is a senior correspondent and author of Notepad, who has ...

Microsoft Edge loads all your saved passwords, decrypted and in plaintext, into memory at startup. Google Chrome doesn’t—is it time to switch browser?

Haifei Li, a principal vulnerability researcher at Check Point Software Technologies Ltd., examines the universe of Microsoft Outlook exploits in a new blog post this week that has lessons for users and security managers alike. Li divides this collection ...