Ars Technica

Code found online exploits LogoFAIL to install Bootkitty Linux backdoor

Researchers have discovered malicious code circulating in the wild that hijacks the earliest stage boot process of Linux devices by exploiting a year-old firmware vulnerability when it remains ...
TechCrunch

Russian government hackers found using exploits made by spyware companies NSO and Intellexa

Google says it has evidence that Russian government hackers are using exploits that are “identical or strikingly similar” to those previously made by spyware makers Intellexa and NSO Group. In a blog ...
Bleeping Computer

Russian APT29 hackers use iOS, Chrome exploits created by spyware vendors

The Russian state-sponsored APT29 hacking group has been observed using the same iOS and Android exploits created by commercial spyware vendors in a series of cyberattacks between November 2023 and ...
Ars Technica

Commercial spyware vendor exploits used by Kremlin-backed hackers, Google says

Critics of spyware and exploit sellers have long warned that the advanced hacking sold by commercial surveillance vendors (CSVs) represents a worldwide danger because they inevitably find their way ...
Bleeping Computer

Spyware-grade Coruna iOS exploit kit now used in crypto theft attacks

A previously undocumented set of 23 iOS exploits named “Coruna” has been deployed by multiple threat actors in targeted espionage campaigns and financially motivated attacks. The Coruna kit contains ...
CSOonline

Google discovers weaponized zero-day exploits created with AI

The 2FA bypass exploit stemmed from a faulty trust assumption, providing evidence of AI reasoning that can discover high-level logic flaws. The Google Threat Intelligence Group (GTIG) today released ...
CSOonline

Ethical hackers exploited zero-day vulnerabilities against popular OS, browsers, VMs and AI frameworks

During Pwn2Own hacking contest, participants were asked to compromise Microsoft Windows 11, Mozilla Firefox, VMware Workstation, NVIDIA Container Toolkit among other well-known systems. Security ...