AI Worm

Researchers have prototyped an AI-powered internet worm. The coolest thing about the prototype is that it carries its own LLM with it, and runs it on computers that have been broken into. This is the closest to John Brunner's original 1975 conception of a computer worm that I've seen...

WordPress Newses theme <= 2.0.0.77 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by John P in WordPress Theme Newses versions = 2.0.0.77...

A New York Cop Got Injured at a Boxing Match. Now Madison Square Garden Is Banning His Lawyer

Attorney John Scola is representing a police officer who is suing over injuries allegedly sustained while working security at an MSG property in 2025...

pentestfr

Pentest Framework — Kali Linux / VirtualBox Framework Python...

GHSA-W8FP-G9RH-34JH SciTokens has an Authorization Bypass via Incorrect Scope Path Prefix Checking

Summary The Enforcer incorrectly validates scope paths by using a simple prefix match startswith. This allows a token with access to a specific path e.g., /john to also access sibling paths that start with the same prefix e.g., /johnathan, /johnny, which is an Authorization Bypass. Details File:...

WordPress Education Zone theme <= 1.3.8 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by John P in WordPress Theme Education Zone versions = 1.3.8...

WordPress News Magazine X theme <= 1.2.50 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by John P in WordPress Theme News Magazine X versions = 1.2.50...

A Bootiful Podcast - John Willis, author of 'Rebels of Reason'

Hi Spring fans! In this installment I sit down with DevOps legend and industry analyst extraordinaire John Willis and talk about his new book Rebels of Reason: The Long Road from Aristotle to ChatGPT and AI's Heroes Who Kept the Faith , and talk about the nature of the ecosystem, AI, the role of...

WordPress profile-builder plugin < 3.11.9 - Unauthenticated Privilege Escalation vulnerability

Unauthenticated Privilege Escalation vulnerability discovered by John Castro in WordPress Plugin Profile Builder versions 3.11.9...

PT-2026-4389

Name of the Vulnerable Software and Affected Versions WP Term Order versions through 2.1.0 Description A Cross-Site Request Forgery CSRF issue exists in WP Term Order. This allows attackers to perform actions on behalf of authenticated users without their knowledge. Recommendations Update WP Term...

VoidLink Linux Malware Framework Built with AI Assistance Reaches 88,000 Lines of Code

The recently discovered sophisticated Linux malware framework known as VoidLink is assessed to have been developed by a single person with assistance from an artificial intelligence AI model. That's according to new findings from Check Point Research, which identified operational security blunder...

WordPress Orchid Store theme <= 1.5.15 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by John P in WordPress Theme Orchid Store versions = 1.5.15...

WordPress Cream Magazine theme <= 2.1.10 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by John P in WordPress Theme Cream Magazine versions = 2.1.10...

WordPress Oneline Lite theme <= 6.6 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by John P in WordPress Theme Oneline Lite versions = 6.6...

WordPress Outdoor plugin <= 1.3.2 - Unauthenticated SQL Injection vulnerability

Unauthenticated SQL Injection vulnerability discovered by John Lee in WordPress Theme Outdoor versions = 1.3.2...

CVE-2025-60134

Cross-Site Request Forgery CSRF vulnerability in John James Jacoby WP Media Categories wp-media-categories allows Cross Site Request Forgery.This issue affects WP Media Categories: from n/a through = 2.1.0...

EUVD-2006-5111

Malware in sbrugna...

EUVD-2006-2640

Malware in sbrugna...

EUVD-2002-1150

Malware in sbrugna...

EUVD-2007-2365

Malware in sbrugna...