CVE-2026-48907 in the Joomla JCE plugin lets unauthenticated attackers drop PHP web shells with a single crafted request.

Solana-based decentralized exchange Raydium will repay the funds swiped in the $1.34 million exploit using its treasury.

Researchers at Paradigm Shift have published the technical details of usbliter8, a new unpatchable iPhone BootROM ...

Attackers drained $2.1 million from a deprecated Thetanuts vault in latest DeFi exploit, while whitehats rescued $2 million.

Vulnerabilities in FortiSandbox are currently targeted by internet attacks. Patches to secure them have been available since ...

With the popularity of the Netflix series Zero Day among cybersecurity experts and others, the show has evolved into an interesting reference for comprehending the far-reaching effects of zero-day ...

The real leap in Anthropic's and OpenAI's latest cyber-capable models isn't that they can hack in entirely new ways, but that they can do it faster, at greater scale, and increasingly turn ...

Disrupts AI-powered exploit-driven attacks earlier in the attack chain Enables security teams to prioritize remediation based on real attacker activity—not severity scores Automatically translates ...

Threat actors are abusing AI tools in increasingly sophisticated ways, including exploit development and attack orchestration. Google today published new research tracking how adversaries leverage AI ...

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. This voice experience is generated by AI. Learn more. This ...

Abracadabra.Finance, a decentralized lending platform, was exploited for $13 million worth of cryptocurrency. The attack targeted pools tied to GMX liquidity tokens within Abracadabra’s “cauldrons.” ...