Tech Times

Linux Kernel Root Exploit Published: DirtyClone Attack Leaves No Trace

Linux kernel privilege escalation exploit DirtyClone (CVE-2026-43503) is publicly documented: JFrog published a working attack walkthrough Thursday showing how any local user can gain root on ...

Cisco Unified CM flaw CVE-2026-20230 now exploited in attacks

A high-severity SSRF vulnerability, tracked as CVE-2026-20230, in Cisco Unified Communications Manager Server is now being ...

New Apple Exploit Exposes Millions of iPhones Worldwide, No Software Fix Available

Researchers disclosed usbliter8, a SecureROM exploit affecting older Apple devices that can bypass boot protections with ...

Q2 2026 emerges as most-hacked quarter on record with 83 incidents

The second quarter of 2026 saw 83 cybersecurity incidents that cost the industry $755 million, with bridge exploits emerging ...
The Hacker News

Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys

Attackers are exploiting CVE-2026-4020 in Gravity SMTP to leak API keys, OAuth tokens, and system data from WordPress sites.
Communications of the ACM

HexStrike Exploit Raises Cyber Stakes

Standard operating procedures in most Security Operations Centers (SOCs) are built around an assumption that humans will ...
The Hacker News

GitHub Updates actions/checkout to Block Common Pwn Request Attack Patterns

GitHub’s actions/checkout v7 now blocks risky fork PR checkouts in privileged workflows to reduce common pwn request attacks.

The 5060 siege: How industrialised attacks are targeting business phone systems

For organisations, the lesson is clear: communication systems must be treated with the same level of scrutiny and protection ...
Decrypt

Linux Foundation, Tech Giants Launch Akrites to Defend Open Source Against AI-Powered Attacks

Akrites is a coalition of 19 organizations, including every major AI lab and Wall Street banks, built to defend open-source ...

Prompt injection is exploiting enterprise AI's biggest design flaws by targeting agents, RAG pipelines and model routers

Prompt injection remains the most effective way to compromise enterprise AI systems because it exploits the fundamental way ...

Oligo Security delivers runtime protection in the new age of AI-driven attacks

Security solution from Oligo blocks real-time exploits across workloads and AI systems without disrupting containers or ...

New Malware Attack Exploits WhatsApp Desktop And Web Users, Report Reveals

Recent research by Kaspersky reveals that malware campaigns are targeting WhatsApp, including its web and desktop versions, ...