A newly disclosed zero-click exploit chain targeting Google Pixel 10 devices has raised fresh concerns about Android’s low-level security. Google Project Zero researchers demonstrated how…
A powerful zero-click exploit chain for the Pixel 10 that can take an attacker from a remote Dolby decoding bug to full kernel control through…
A critical cross-site scripting (XSS) vulnerability (CVE-2026-42897) in Microsoft Exchange Server is being exploited by attackers, Microsoft warned on Thursday. A permanent fix is still…
OpenAI has disclosed that two of its employee devices in its corporate environment were impacted via the Mini Shai-Hulud supply chain attack on TanStack, but…
Bradford is to be the site of one of the UK’s first projects to reuse waste heat from a datacentre, after operator Deep Green this week…
OpenAI has disclosed the impact of the recent TanStack supply chain attack, warning that credential material was exfiltrated from internal source code repositories. The open…
Pwn2Own Berlin 2026, Day Two: $385,750 more, Microsoft Exchange falls, and the running total crosses $900K Pierluigi Paganini May 15, 2026 Day two of Pwn2Own…
Colorado Governor Jared Polis has commuted the prison sentence of Tina Peters, the former Mesa County election clerk who was sentenced last year to serve…
Node-ipc is a Node.js module that implements support for local and remote Inter-Process Communication over various types of socket across all major platforms. One use…
Operational Technology (OT), which has widespread deployment across sectors, is increasingly coming under attack as the trend of IT/OT convergence continues. IT/OT convergence is the…
In April 2026, Insikt Group® identified 37 high-impact vulnerabilities that should be prioritized for remediation, 35 of which had a Very Critical Recorded Future Risk…
Acknowledgements: Huntress wishes to recognize the contributions of SOC analysts Tanner Filip, Jose Oregon, and Priscilla Ibarra, and Lindsey O’Donnell-Welch for help hunting telemetry for…
