Microsoft

AI as tradecraft: How threat actors operationalize AI

Threat actors are operationalizing AI to scale and sustain malicious activity, accelerating tradecraft and increasing risk for defenders, as illustrated by recent activity from North Korean groups ...

Anthropic’s AI Hacked the Firefox Browser. It Found a Lot of Bugs.

New AI-powered tools are increasingly adept at spotting flaws. Hacking experts worry they will be good at exploiting them, too.

Wikipedia hit by self-propagating JavaScript worm that vandalized pages

The Wikimedia Foundation suffered a security incident today after a self-propagating JavaScript worm began vandalizing pages and modifying user scripts across multiple wikis.
ExtremeTech

Microsoft Fixes Windows 11 Bug That Let Attackers Run Remote Code in Notepad

Share on Facebook (opens in a new window) Share on X (opens in a new window) Share on Reddit (opens in a new window) Share on Hacker News (opens in a new window) Share on Flipboard (opens in a new ...
Hosted on MSN

Container ship in Port of Tacoma raises questions about rumored Renee Good tribute

In January 2026, after U.S. Immigration and Customs and Enforcement (ICE) agent Jonathan Ross shot and killed 37-year-old Renee Good in Minneapolis, Minnesota, a photo (archived) circulated online ...
TMCnet

McAfee Simplifies Safety with the Industry's Most Complete Scam Detector - Now with Instant QR Code Scam Checks and Smarter Social Messaging Scam Protection

McAfee, a global leader in personal protection, today announced upgrades to Scam Detector that make staying safe wherever you're connected stronger, smarter, and simpler. Scams come through many ...
CSOonline

Actively exploited Cisco UC bug requires immediate, version‑specific patching

The RCE flaw lets remote attackers gain root on affected systems with no user interaction. Cisco has released multiple version‑specific patch files — but offers no fix for 12.5 — as CISA warns the bug ...
ZDNet

I used GPT-5.2-Codex to find a mystery bug and hosting nightmare - it was beyond fast

A $20 ChatGPT Plus plan can handle real-world bug fixes. Codex helped identify both code bugs and hosting issues. AI saved time by fixing code and drafting support emails. When you're a lone ...
The Hacker News

CERT/CC Warns binary-parser Bug Allows Node.js Privilege-Level Code Execution

A security vulnerability has been disclosed in the popular binary-parser npm library that, if successfully exploited, could result in the execution of arbitrary JavaScript. The vulnerability, tracked ...
The Hacker News

GootLoader Malware Uses 500–1,000 Concatenated ZIP Archives to Evade Detection

The JavaScript (aka JScript) malware loader called GootLoader has been observed using a malformed ZIP archive that's designed to sidestep detection efforts by concatenating anywhere from 500 to 1,000 ...
IEEE

Detector Design and Performance Analysis for Adaptive CFAR Detection in Nonzero-mean Environment

Abstract: This article investigates the adaptive radar detection problem in a nonzero-mean background, where both the covariance matrix (CM) and mean vector (MV) of interference signals remain unknown ...
SiliconANGLE

Cyata flags agentic AI supply-chain risk in Cursor remote code execution bug

A new report out today from artificial intelligence security startup Cyata Security Ltd. details a critical remote code execution vulnerability in Cursor Inc.’s integrated development environment that ...