Widely used Trivy scanner compromised in ongoing supply-chain attack

Hackers have compromised virtually all versions of Aqua Security’s widely used Trivy vulnerability scanner in an ongoing ...
PCMag

US Disrupts Aisuru, Botnet Behind Record-Breaking 30Tbps DDoS Attacks

In total, the operation went after four botnets, estimated to have infected millions of devices across the globe, including TV boxes, web cameras and Wi-Fi routers.
Hackaday

This Week In Security: Linux Flaws, Python Ownage, And A Botnet Shutdown

Qualys reports the discovery by their threat research unit of vulnerabilities in the Linux AppArmor system used by SUSE, Debian, Ubuntu, and ...
Infosecurity Magazine

Hackers Exploit Critical Langflow Bug in Just 20 Hours

Sysdig cited figures from the Zero Day Clock initiative which revealed that median time-to-exploit (TTE) collapsed from 771 ...
The Hacker News

⚡ Weekly Recap: Qualcomm 0-Day, iOS Exploit Chains, AirSnitch Attack & Vibe-Coded Malware

Your weekly cybersecurity roundup covering the latest threats, exploits, vulnerabilities, and security news you need to know.
Yahoo

Gardener shares genius hack using old toilet paper rolls: 'I did this last year'

Most households use a significant amount of toilet paper and waste the leftover rolls — but a TikTok user found an ingenious way to repurpose them to start a garden. The TikTok account Grove&Green ...
PC Magazine

Productivity Hack: This New Feature in Chrome Will Change How I Use the Web

Productivity Hack: This New Feature in Chrome Will Change How I Use the Web Split view mode simplifies multitasking by displaying two web pages side by side. The latest version of Chrome also includes ...
Wired

You Can Now Install—and Update—Microsoft Store Apps Using the Command Line

I can't stand opening the Microsoft Store. It's slow to load, confusing to browse, and full of ads for things I don't care about. Luckily, thanks to a new feature, I don't have to open the Microsoft ...
Bleeping Computer

AI platforms can be abused for stealthy malware communication

AI assistants like Grok and Microsoft Copilot with web browsing and URL-fetching capabilities can be abused to intermediate command-and-control (C2) activity. Researchers at cybersecurity company ...
TechCrunch

Intellexa’s Predator spyware used to hack iPhone of journalist in Angola, research says

A government customer of sanctioned spyware maker Intellexa hacked the phone of a prominent journalist in Angola, according to Amnesty International, the latest case of targeting someone in civil ...
Wall Street Journal

Pentagon Used Anthropic’s Claude in Maduro Venezuela Raid

Anthropic’s artificial-intelligence tool Claude was used in the U.S. military’s operation to capture former Venezuelan President Nicolás Maduro, highlighting how AI models are gaining traction in the ...
TechCrunch

Adobe Acrobat now lets you edit files using prompts, generate podcast summaries

Adobe has been aggressively adding AI features to all its products in the last few years. The company is now adding more AI tools to Acrobat, including the ability to generate podcast summaries of ...