Google and iVerify researchers say the case points to a thriving secondary market for high-end zero-day exploits.

The Coruna exploit kit has 23 exploits targeting iOS devices, previously used in Russian attacks and now in cybercrime ...

Google and Qualcomm have tag-teamed a serious vulnerability in the chipsets used in Android mobile devices, which has been ...

An Android-specific malware targeting mobile device takeover appears to use generative AI (GenAI) services in its execution flows to maintain persistence on the victim’s smartphone, researchers at ...

ESET researchers uncovered the first known case of Android malware abusing generative AI for context-aware user interface manipulation. While machine learning has been used to similar ends already – ...

Dell has released a patch for a critical zero-day vulnerability in its RecoverPoint for Virtual Machines product, which Mandiant said has been silently exploited by a Chinese APT group since 2024. CVE ...

Metasploit-AI is a cutting-edge cybersecurity framework that combines the power of Metasploit with advanced artificial intelligence and machine learning capabilities. Designed for cybersecurity ...

A significant chunk of the exploitation attempts targeting a newly disclosed security flaw in Ivanti Endpoint Manager Mobile (EPMM) can be traced back to a single IP address on bulletproof hosting ...

Arc Raiders players have gathered to applaud Embark Studios after it took just one day to tackle new duplication and infinite ammo exploits – even though reports of a new inventory glitch have already ...

Microsoft has rolled out fixes for security vulnerabilities in Windows and Office, which the company says are being actively abused by hackers to break into people’s computers. The exploits are ...

Attackers are already actively exploiting six of the 59 vulnerabilities Microsoft disclosed in its latest security update, meaning security teams will need to treat February's Patch Tuesday more as an ...

Cybersecurity researchers have called attention to a "massive campaign" that has systematically targeted cloud native environments to set up malicious infrastructure for follow-on exploitation. The ...