Tag: day exploit
-
The Register: Crims claim HexStrike AI penetration tool makes quick work of Citrix bugs
Source URL: https://www.theregister.com/2025/09/03/hexstrike_ai_citrix_exploits/ Source: The Register Title: Crims claim HexStrike AI penetration tool makes quick work of Citrix bugs Feedly Summary: LLMs and 0-days – what could possibly go wrong? Attackers on underground forums claimed they were using HexStrike AI, an open-source red-teaming tool, against Citrix NetScaler vulnerabilities within hours of disclosure, according to Check…
-
The Register: Citrix patches trio of NetScaler bugs – after attackers beat them to it
Source URL: https://www.theregister.com/2025/08/26/citrix_patches_trio_of_netscaler/ Source: The Register Title: Citrix patches trio of NetScaler bugs – after attackers beat them to it Feedly Summary: Criminals already abusing its latest zero-days Citrix has pushed out fixes for three fresh NetScaler holes – and yes, they’ve already been used in the wild before the vendor got around to patching.……
-
Slashdot: Microsoft Reportedly Cuts China’s Early Access to Bug Disclosures, PoC Exploit Code
Source URL: https://it.slashdot.org/story/25/08/22/2059255/microsoft-reportedly-cuts-chinas-early-access-to-bug-disclosures-poc-exploit-code Source: Slashdot Title: Microsoft Reportedly Cuts China’s Early Access to Bug Disclosures, PoC Exploit Code Feedly Summary: AI Summary and Description: Yes Summary: Microsoft has modified its Microsoft Active Protections Program (MAPP) to restrict access to proof-of-concept exploit code for companies in certain countries, including China, to combat the leak of sensitive…
-
The Register: Apple rushes out fix for active zero-day in iOS and macOS
Source URL: https://www.theregister.com/2025/08/21/apple_imageio_exploit/ Source: The Register Title: Apple rushes out fix for active zero-day in iOS and macOS Feedly Summary: Another ‘extremely sophisticated’ exploit chewing at Cupertino’s walled garden Apple has shipped emergency updates to fix an actively exploited zero-day in its ImageIO framework, warning that the flaw has already been abused in targeted attacks.……
-
Microsoft Security Blog: Dissecting PipeMagic: Inside the architecture of a modular backdoor framework
Source URL: https://www.microsoft.com/en-us/security/blog/2025/08/18/dissecting-pipemagic-inside-the-architecture-of-a-modular-backdoor-framework/ Source: Microsoft Security Blog Title: Dissecting PipeMagic: Inside the architecture of a modular backdoor framework Feedly Summary: A comprehensive technical deep dive on PipeMagic, a highly modular backdoor used by Storm-2460 masquerading as a legitimate open-source ChatGPT Desktop Application. Beneath its disguise, PipeMagic is a sophisticated malware framework designed for flexibility and…
-
Slashdot: AI Is Reshaping Hacking. No One Agrees How Fast
Source URL: https://it.slashdot.org/story/25/08/16/1936221/ai-is-reshaping-hacking-no-one-agrees-how-fast Source: Slashdot Title: AI Is Reshaping Hacking. No One Agrees How Fast Feedly Summary: AI Summary and Description: Yes Summary: The text discusses advancements in AI agents presented at the Black Hat conference, highlighting how these innovations could potentially enhance the capabilities of cybersecurity defenders. However, it also underscores the duality of…
-
The Register: Russia’s RomCom among those exploiting a WinRAR 0-day in highly-targeted attacks
Source URL: https://www.theregister.com/2025/08/11/russias_romcom_among_those_exploiting/ Source: The Register Title: Russia’s RomCom among those exploiting a WinRAR 0-day in highly-targeted attacks Feedly Summary: A few weeks earlier ‘zeroplayer’ advertised an $80K WinRAR 0-day exploit Russia-linked attackers found and exploited a high-severity WinRAR vulnerability before the maintainers of the Windows file archiver issued a fix.… AI Summary and Description:…