Tools

Socket raises $60M Series C at $1B valuation to defend software supply chains against AI-era attacks.

TeamPCP steals 3,800 GitHub repositories via poisoned VS Code extension, demands $95K

Pwn2Own Berlin 2026 concludes with 47 zero-day exploits demonstrated and $1.3M in payouts.

Pwn2Own Berlin 2026 awards $1.3M for 47 zero-day exploits across Windows, Linux, VMware, Nvidia, and AI products.

RDP stealer malware discovered with Windows Defender evasion capability.

PoC code published for critical NGINX heap buffer overflow vulnerability (CVE-2026-42945).

Industry develops verification standards for autonomous AI agents operating in enterprise systems.

Unit 42 analyzes AD CS exploitation techniques including template misconfigurations and shadow credential misuse.

Pwn2Own Berlin 2026 day one: researchers exploit 24 zero-days in Windows 11, Edge, Linux, and AI tools for $523K.

18-year-old NGINX heap buffer overflow vulnerability allows DoS and potential RCE.

AI hallucinations pose critical security risks in infrastructure decision-making through confident but inaccurate

F5 patches over 50 vulnerabilities in BIG-IP, BIG-IQ, and NGINX products.

Dell SupportAssist v5.5.16.0 causes Windows BSOD crashes on affected systems.

Broadcom patches high-severity TOCTOU privilege escalation flaw in VMware Fusion.

Claude Mythos Preview and GPT-5.5 break autonomous cyber capability benchmarks, solving previously unsolvable attack

TanStack supply chain attack compromises Mistral AI SDK packages on npm and PyPI

Microsoft MDASH and Palo Alto's Claude Mythos AI find dozens of vulnerabilities in their own code.

Microsoft's MDASH AI system discovered 16 Windows flaws, including 2 critical RCE vulnerabilities, fixed in May 2026

Microsoft announces MDASH, an AI agentic system that discovered 16 new Windows vulnerabilities including four Critical

Microsoft announces MDASH AI system that discovered 16 new Windows vulnerabilities including 4 critical RCE flaws.

Microsoft patches 137 vulnerabilities including 30 critical; Adobe addresses 52 vulnerabilities with 27 critical in May

Signal adds in-app warnings to combat phishing and social engineering via linked device abuse.

Microsoft May 2026 Patch Tuesday fixes 120 flaws with 17 critical vulnerabilities, no zero-days.

Threat actor releases two new exploitation tools: YellowKey (BitLocker bypass) and GreenPlasma (Windows privilege

Responder tool exploits NetBIOS election mechanism to intercept network traffic.

SAP patches 15 critical and high-severity vulnerabilities in S/4HANA, Commerce, and other enterprise products.

Agentic AI systems running in production lack security team oversight and understanding, creating emerging blind spots.

Apple iOS 26.5 enables end-to-end encrypted RCS messaging by default across iPhone and Android devices.

AIRDC, an AI-powered hidden remote desktop control tool, advertised for sale by threat actors targeting Windows.

Build Application Firewalls emerge as defense against supply chain attacks targeting CI/CD pipelines.

Purple team security model fails due to process friction, tool fragmentation, and inability to match AI-powered

Checkmarx Jenkins AST plugin compromised with malicious version published to Jenkins Marketplace.

JDownloader website compromised to distribute malware via modified installers on May 6-7, 2026.

ClaudeBleed vulnerability in Claude Chrome extension allows data exfiltration via guardrail bypass.

Chrome extension flaw in Anthropic's Claude allows malicious plugins to hijack AI agent without permissions.

Analysis of 25M security alerts reveals 1% of confirmed incidents came from low-severity alerts, with one missed threat

Pentest-Tools releases free scanner for CVE-2026-41940, critical cPanel auth bypass actively exploited for 3 weeks.

ClaudeBleed vulnerability in Claude Chrome extension allows attackers to hijack AI agent via prompt injection.

Microsoft Edge stores saved passwords in plaintext memory, making them easily accessible to attackers.

Chrome 148 released with 127 security fixes including three critical vulnerabilities.

Threat actors use LLMs to develop malicious browser extensions disguised as AI tools.

Cisco researchers reveal pixel-level perturbation attacks bypass vision-language model safety filters.

Malicious code repositories trigger execution in Claude, Cursor, Gemini, and CoPilot CLIs via inadequate warnings.

Google Chrome silently installs 4GB Gemini Nano AI model without user consent.

Nuclei template released for detecting PAN-OS CVE-2026-0300 zero-day vulnerability.

QA and test environments pose production-grade security risks through misconfigurations and excessive permissions.

Google expands Binary Transparency for Android to detect supply chain attacks on Google apps.

PhishLab V1 phishing-as-a-service panel offered on hacking forum with 2FA bypass claims.

SCA tools miss critical vulnerabilities in EOL open source software due to CVE investigation gaps and tracking blind

WHQL-signed vulnerable kernel driver from DNP Hypertech abuses ObCallbacks to hide processes.