Coverage
Vulnerabilities
738 articles on vulnerability disclosures and exploits
Advertisement
AI-Augmented Zero-Day Exploitation and Autonomous Malware Orchestration
GTIG report reveals how threat actors leverage generative AI for zero-day discovery, autonomous Android malware orchestration, and AI supply chain attacks.
AI-Driven Exploit Development: How Adversaries Automate Attacks
Cyber adversaries are leveraging Large Language Models to accelerate exploit development and automate complex attack chains, posing new risks to cloud security.
Skoda Online Shop Data Breach: Portal Vulnerability Analysis
Skoda Auto confirms a data breach affecting online shop customers. Attackers exploited a portal vulnerability to access PII including names and addresses.
Google’s Big Sleep AI Agent Discovers Real-World SQLite Zero-Day
Google Project Zero and DeepMind’s Big Sleep agent identifies an exploitable stack-based buffer underflow in SQLite, marking a shift in AI vulnerability discovery.
CVE-2024-45785: AI-Generated Zero-Day Exploit Targets BigTree CMS
Google's Threat Intelligence Group discovered a zero-day in BigTree CMS exploited via AI-generated code. Update to version 4.4.16 to prevent remote execution.
CVE-2026-43284: 'Dirty Frag' Linux Vulnerability Exploited — Patch Now
Analysis of the 'Dirty Frag' (Copy Fail 2) Linux kernel vulnerabilities CVE-2026-43284 and CVE-2026-43500, which enable potential remote code execution.
CVE-2026-7482: Bleeding Llama Memory Leak in Ollama — Patch Now
Remote attackers can exploit CVE-2026-7482 in Ollama to leak process memory. Protect your AI infrastructure from the Bleeding Llama vulnerability impact.
cPanel/WHM Security Update: Mitigating CVE-2026-29201 Risks
cPanel and WHM release patches for three vulnerabilities, including CVE-2026-29201, which allows for privilege escalation and remote code execution.
CVE-2026-42208: BerriAI LiteLLM SQLi Exploitation — Patch Now
CISA adds CVE-2026-42208, a critical SQL injection vulnerability in BerriAI LiteLLM, to KEV catalog. Active exploitation confirmed. Timely patching is essential for all
Ivanti EPMM CVE-2023-35078 Zero-Day: Urgent CISA Patch Directive
CISA orders federal agencies to patch Ivanti EPMM CVE-2023-35078 within four days following active zero-day exploitation against government networks.
Gafgyt and Mirai Variants Target IoT Devices via CVE-2017-17215
Analysis of Gafgyt and Mirai botnet activity targeting IoT devices through RCE vulnerabilities such as CVE-2017-17215 and CVE-2014-2320.
Linux Kernel Dirty Frag: CVE-2024-26610 LPE Vulnerability Analysis
Technical analysis of the Dirty Frag Linux kernel vulnerability (CVE-2024-26610), exploring its impact on IPv4 fragmentation and mitigation strategies.