Coverage
Vulnerabilities
748 articles on vulnerability disclosures and exploits
Advertisement
Anthropic AI Agent Memory Vulnerability: Data Exposure Risks
Cisco discovered a significant memory handling vulnerability in Anthropic AI agents, risking data exposure. This highlights persistent security challenges in AI systems.
AI in Vulnerability Discovery: 360 Digital Security Group's Claims Examined
Runtime Rebel examines 360 Digital Security Group's claims of using AI to discover over 1,000 vulnerabilities, including at Tianfu Cup, and the implications for security
Analyzing the $290M DeFi Breach and macOS LotL Exploitation
An analysis of the $290 million DeFi protocol hack, macOS living-off-the-land techniques, and ProxySmart SIM farming operations identified in recent reports.
CVE-2024-23296: Apple Patches Actively Exploited Notification Flaw
Apple releases urgent security updates for iOS and iPadOS to address CVE-2024-23296, a memory corruption vulnerability in Notification Services seeing active use.
CVE-2024-38107: Microsoft Defender BlueHammer Flaw Exploited - Patch Now
CISA orders federal agencies to patch the BlueHammer zero-day, a critical Microsoft Defender privilege escalation flaw currently under active exploitation.
Anthropic Project Glasswing: The Shift to AI-Driven Zero-Day Discovery
Anthropic delays Project Glasswing after its AI model identifies critical zero-day vulnerabilities across major tech stacks, sparking a massive patching effort.
Defeating Automated Exploitation in the Collapsing Exploit Window
AI-driven automation is accelerating the exploit lifecycle. Learn how the collapsing exploit window impacts vulnerability management and automated defense.
AI Impact on Vulnerability Management: Real-World Trends and Risks
Analyze how artificial intelligence impacts vulnerability research and discovery, separating industry hype from technical reality for security professionals.
CVE-2024-21412: Microsoft Defender Zero-Day Exploitation and Analysis
Analysis of a Microsoft Defender zero-day vulnerability used to extract NTLM hashes from the SAM database and achieve system-level privileges.
CVE-2026-28950: Apple Fixes iOS Notification Data Retention Flaw
Apple patches CVE-2026-28950 in iOS and iPadOS, a logging issue that allowed deleted notifications to persist on devices, impacting forensic privacy.
Critical RCE Threats: Confluence OGNL & Exchange Server Patching
Runtime Rebel analyzes critical RCE vulnerabilities affecting Atlassian Confluence and Microsoft Exchange Server, alongside a high-severity SQLi in WP Reset.
CVE-2026-33825: Microsoft Defender Access Control Exploit Analysis
CISA adds CVE-2026-33825 to the KEV catalog following active exploitation of Microsoft Defender's access control mechanisms. Learn how to secure your systems.