Developer Tech

Anthropic says AI can turn software patches into exploits within hours

Anthropic’s AI turned Firefox and Windows software patches into exploits within hours, including one Windows proof-of-concept ...
techtimes

Ghost CMS SQL Injection Hits 700 Sites: Harvard, DuckDuckGo Serve Fake Cloudflare Malware

An unpatched SQL injection vulnerability in the Ghost content management system has been weaponized in an active, large-scale cyberattack that has compromised more than 700 websites worldwide — ...
Hackaday

This Week In Security: Ubiquiti Fixes, And FreeBSD Joins The Club You Don’t Want To Join

Ubiquiti released a new security bulletin detailing fixes for six security issues, including one rated 9.1 (critical) and one scoring a perfect 10.0 on the CVE risk scale. The vulnerabilities ...

FPJ Exclusive: Meet Nisarga, The 19-Year-Old Ethical Hacker Who Flagged Alleged CBSE Portal Issues In February 2026

Fresh concerns have emerged over CBSE’s online portal after a 19-year-old cybersecurity researcher alleged vulnerabilities including login bypass, backend access, and exposure of sensitive data. The ...
The Hacker News

Malicious Sicoob NuGet Steals Banking Credentials as npm Packages Target Cloud Secrets

Cybersecurity researchers have discovered a malicious NuGet package that masquerades as a C# software development kit for Sicoob, one of Brazil's largest cooperative financial systems, to siphon ...

Google patches new Chrome zero-day flaw exploited in the wild

Google has released emergency updates to patch another Chrome zero-day vulnerability that has been exploited in the wild, the ...
Network World

AI-powered WAF, virtual patching: How F5 is hardening networks against frontier threats

The AI-powered WAF is currently delivered through Distributed Cloud. F5 said it is in active engineering work to bring the ...
The Hacker News

ThreatsDay Bulletin: Worm Code Leaked, AI Agent Phished, Claude Code Patch + 28 New Stories

Cybersecurity roundup: supply chain threats, AI agent risks, browser-cloning malware, mule networks, endpoint bypasses, and ...
Tech Times

Ivanti Sentry Flaw Triggers CISA’s First 3-Day Federal Patch Mandate, Already Exploited

Ivanti Sentry vulnerability patch is mandatory for federal agencies by June 14 under CISA’s BOD 26-04, which replaces flat ...

New Google Chrome 149 Update Patches Exploited Zero-Day

Following the largest-ever Google Chrome security fix, a new update is now available, and one vulnerability stands out: a ...
Lifehacker

Update Chrome ASAP to Protect Yourself From This Active Exploit

Jake Peterson is Lifehacker’s Tech Editor, and has been covering tech news and how-tos for nearly a decade. His team covers all things technology, including AI, smartphones, computers, game consoles, ...