Anthropic's Claude Mythos Finds Thousands of Zero-Day Flaws Across Major Systems

Artificial Intelligence AI company Anthropic announced a new cybersecurity initiative called Project Glasswing that will use a preview version of its new frontier model, Claude Mythos , to find and address security vulnerabilities. The model will be used by a small set of organizations, including...

March 2026 Patch Tuesday fixes two zero-day vulnerabilities

Microsoft releases important security updates on the second Tuesday of every month, known as Patch Tuesday. This month’s update fixes 79 Microsoft CVEs including two zero-day vulnerabilities. Microsoft defines a zero-day as “a flaw in software for which no official patch or security update is...

Multiple Zero-Day Flaws in PDF Platforms Enable XSS and One-Click Attacks

16 zero-day security flaws found in Foxit and Apryse PDF platforms could lead to account takeover and RCE. Learn how AI identified these risks...

AI Found Twelve New Vulnerabilities in OpenSSL

The title of the post is"What AI Security Research Looks Like When It Works," and I agree: In the latest OpenSSL security release on January 27, 2026, twelve new zero-day vulnerabilities meaning unknown to the maintainers at time of disclosure were announced. Our AI system is responsible for the...

Ivanti Issues Urgent Fix for Critical Zero-Day Flaws Under Active Attack

Ivanti has disclosed two critical remote code execution RCE flaws CVE-2026-1281 & CVE-2026-1340 in its EPMM software...

Chrome Targeted by Active In-the-Wild Exploit Tied to Undisclosed High-Severity Flaw

Google on Wednesday shipped security updates for its Chrome browser to address three security flaws, including one it said has come under active exploitation in the wild. The vulnerability, rated high in severity, is being tracked under the Chromium issue tracker ID "466192044." Unlike other...

$20 YoLink IoT Gateway Vulnerabilities Put Home Security at Risk

Four critical zero-day flaws found in the $20 YoLink Smart Hub allow remote physical access, threatening your home security. See the urgent steps you must take now...

PT-2025-39212

Name of the Vulnerable Software and Affected Versions Chamilo versions prior to 1.11.34 Description Chamilo is a learning management system. A Cross-Site Request Forgery CSRF issue allows an attacker to delete projects within a course without the victim’s consent. Sensitive actions, such as proje...

Zero-Day Alert: Apple Releases Patches for Actively Exploited Flaws in iOS, macOS, and Safari

Apple on Wednesday released a slew of updates for iOS, iPadOS, macOS, watchOS, and Safari browser to address a set of flaws it said were actively exploited in the wild. This includes a pair of zero-days that have been weaponized in a mobile surveillance campaign called Operation Triangulation tha...

Fake Researcher Profiles Spread Malware through GitHub Repositories as PoC Exploits

At least half of dozen GitHub accounts from fake researchers associated with a fraudulent cybersecurity company have been observed pushing malicious repositories on the code hosting service. All seven repositories, which are still available as of writing, claim to be a proof-of-concept PoC exploi...

Predator Android Spyware: Researchers Uncover New Data Theft Capabilities

Security researchers have detailed the inner workings of the commercial Android spyware called Predator, which is marketed by the Israeli company Intellexapreviously Cytrox. Predator was first documented by Google's Threat Analysis Group TAG in May 2022 as part of attacks leveraging five differen...

Zero-day vulnerabilities fixed in Apple macOS, iOS and iPadOS

Apple, in an interim update, has fixed two zero-day 0day vulnerabilities fixed in macOS, iOS and iPadOS. A malicious person can exploit the vulnerabilities to execute arbitrary code. The most serious vulnerability, marked CVE-2022-32894, allows execution of code at the kernel level. Abuse of this...

Extortion Gang Breaches Cybersecurity Firm Qualys Using Accellion Exploit

Enterprise cloud security firm Qualys has become the latest victim to join a long list of entities to have suffered a data breach after zero-day vulnerabilities in its Accellion File Transfer Appliance FTA server were exploited to steal sensitive business documents. As proof of access to the data...

CISA Issues Emergency Directive on In-the-Wild Microsoft Exchange Flaws

Following Microsoft's release of out-of-band patches to address multiple zero-day flaws in on-premises versions of Microsoft Exchange Server, the U.S. Cybersecurity and Infrastructure Security Agency CISA has issued an emergency directive warning of "active exploitation" of the vulnerabilities. T...

Two New Chrome 0-Days Under Active Attacks – Update Your Browser

Google has patched two more zero-day flaws in the Chrome web browser for desktop, making it the fourth and fifth actively exploited vulnerabilities addressed by the search giant in recent weeks. The company released 86.0.4240.198 for Windows, Mac, and Linux, which it said will be rolling out over...

Multiple DDoS Botnets Exploited 0-Day Flaws in LILIN DVR Surveillance Systems

Multiple zero-day vulnerabilities in digital video recorders DVRs for surveillance systems manufactured by Taiwan-based LILIN have been exploited by botnet operators to infect and co-opt vulnerable devices into a family of denial-of-service bots. The findings come from Chinese security firm Qihoo...

Zero-Day Flaws in Counter-Strike 1.6 Let Malicious Servers Hack Gamers' PCs

If you are a Counter-Strike gamer, then beware, because 39% of all existing Counter-Strike 1.6 game servers available online are malicious that have been set-up to remotely hack gamers' computers. A team of cybersecurity researchers at Dr. Web has disclosed that an attacker has been using malicio...

Latest iOS 12.1.4 Update Patches 2 Zero-Day and FaceTime Bugs

Apple has finally released iOS 12.1.4 software update to patch the terrible Group FaceTime privacy bug that could have allowed an Apple user to call you via the FaceTime video chat service and hear or see you before you even pick up the call without your knowledge. The Facetime bug CVE-2019-6223...

Zero Day Flaws Overvalued Says New Microsoft Report

Attention given to previously unknown or “zero day” flaws may be overrated, according to research from Microsoft Corp. In an analysis, “Zeroing in on Malware Propagation Methods,” Microsoft follows the propagation of malware and how certain forms measure up against other vulnerability exploits...