CSOonline

AI agent finds 18-year-old remote code execution flaw in Nginx

An LLM-powered system found 4 security bugs, including a critical one in the web server’s URL rewrite module. Researchers have found a critical vulnerability in the widely used Nginx web server that ...

This is what some of the world’s largest banks of malware look like stacked as hard drives

What would some of the world's largest repositories of malware look like if they were stacked as hard drives, one on top of the other?
CSO Online

Google discovers weaponized zero-day exploits created with AI

The 2FA bypass exploit stemmed from a faulty trust assumption, providing evidence of AI reasoning that can discover ...
IEEE

Designing a Static Malware Analysis Framework for Detecting Malicious Malware Code with Ghidra

Abstract: Malware analysis is an integral part of cybersecurity, however traditional signature-based detection techniques are inadequate for advanced obfuscation techniques. This paper proposes a ...
The Hacker News

Researchers Uncover Pre-Stuxnet ‘fast16’ Malware Targeting Engineering Software

Cybersecurity researchers have discovered a new Lua-based malware created years before the notorious Stuxnet worm that aimed to sabotage Iran's nuclear program by destroying uranium enrichment ...
TechCrunch

Another spyware maker caught distributing fake Android snooping apps

Yet another government spyware maker has been caught after its customers used fake Android apps to install its surveillance software on targets, according to a new report. On Thursday, Osservatorio ...
Wired

Newly Deciphered Sabotage Malware May Have Targeted Iran’s Nuclear Program—and Predates Stuxnet

Researchers have finally cracked Fast16, mysterious code capable of silently tampering with calculation and simulation software. It was created in 2005—and likely deployed by the US or an ally. Vitaly ...
iDrop News

Two New macOS Threats Could Be Hiding From Your Antivirus

Following its discovery of “ModStealer” last September, Apple device management and security firm Mosyle has identified another pair of macOS nasties that fly under the radar of antivirus engines. Mac ...
Wired

AI Tools Are Helping Mediocre North Korean Hackers Steal Millions

One group of hackers used AI for everything from vibe coding their malware to creating fake company websites—and stole as much as $12 million in three months. On Wednesday, cybersecurity firm Expel ...
The Hacker News

Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape

A critical security vulnerability has been disclosed in a Python-based sandbox called Terrarium that could result in arbitrary code execution. The vulnerability, tracked as CVE-2026-5752, is rated 9.3 ...
Finbold | Finance in Bold

Bybit Security exposes macOS malware campaign targeting users searching for Claude Code

Bybit has disclosed details of a multi-stage macOS malware campaign targeting users searching for “Claude Code,” an AI-powered development tool by Anthropic, according to findings published by its ...