Vulnerability

Pwn2Own Berlin 2026 Hits Capacity as Rejected Hackers Release 0-Days

2 minute read

Security

Pwn2Own Berlin 2026 Hits Capacity as Rejected Hackers Release 0-Days

Pwn2Own Berlin 2026 reportedly reached full capacity for the first time, prompting rejected researchers to publicly disclose zero-day exploits targeting Firefox, NVIDIA, and AI platforms.

byDeeba Ahmed

May 12, 2026

2 minute read

Google Says Hackers Used AI to Develop a Zero-Day Exploit

Google researchers say hackers used AI to develop zero-day exploits, Android backdoors, and automated supply chain attacks targeting GitHub and PyPI.

byDeeba Ahmed

May 11, 2026

9-Year-Old Dirty Frag Vulnerability Enables Root Access on Linux Systems

3 minute read

Security

9-Year-Old Dirty Frag Vulnerability Enables Root Access on Linux Systems

The Dirty Frag vulnerability affects Linux systems and allows root access escalation, while public PoC exploit code increases attack risks.

byDeeba Ahmed

May 11, 2026

3 minute read

ClaudeBleed Vulnerability Lets Hackers Hijack Claude Chrome Extension to Steal Data

The ClaudeBleed vulnerability allows hackers to bypass Claude for Chrome guardrails to exfiltrate private Google Drive and Gmail data.

byDeeba Ahmed

May 8, 2026

ShinyHunters Defaces Canvas LMS Portal, Thousands of Universities Affected

3 minute read

ShinyHunters Defaces Canvas LMS Portal, Hundreds of Universities Affected

ShinyHunters hackers defaced the official Canvas LMS portal after breaching Instructure systems, disrupting university access worldwide.

byWaqas

May 8, 2026

Why Microsoft Edge keeps your saved passwords in plaintext

3 minute read

Researcher Shows Edge Browser Stores Saved Passwords in Plaintext

Cybersecurity expert Tom Rønning finds Microsoft Edge loads all saved passwords into computer memory as cleartext, making them easy for hackers to steal.

byDeeba Ahmed

May 7, 2026

Why Outdated Maintenance Software Is a Growing Ransomware Risk

7 minute read

Security

Why Outdated Maintenance Software Is a Growing Ransomware Risk

Outdated maintenance software increases ransomware risk by exposing weak access controls, unpatched systems, and critical operational data to attackers.

byUzair Amir

May 7, 2026

3 minute read

Scammers Use Hidden Text to Bypass AI Email Filters in Phishing Scams

Scammers are hiding invisible text inside phishing emails to manipulate AI-powered email filters and increase the chances of scams reaching inboxes.

byDeeba Ahmed

May 7, 2026

2 minute read

Google Fixes CVSS 10 Gemini CLI Vulnerability Enabling GitHub Issue-Based RCE

Google patches a CVSS 10 Gemini CLI vulnerability that allowed hackers to use prompt injection and privilege escalation for a full supply chain compromise.

byDeeba Ahmed

May 6, 2026

ShinyHunters Instructure Canvas and Vimeo in Massive Data Breaches

3 minute read

ShinyHunters’ Instructure Canvas LMS and Vimeo Breaches Impact Millions of Users

ShinyHunters breached Instructure and Vimeo, exposing millions of student and user records through direct and supply chain attacks.

byDeeba Ahmed

May 6, 2026

The Latest

TeamPCP Used Mini Shai-Hulud Worm to Poison Over 400 npm and PyPI Packages

Slovakian Admin of Dark Web Kingdom Market Jailed for 16 Years in US

Why Canadian Telecom Providers Are Prime Targets for Cyberattacks

Canvas Hackers ShinyHunters Say Their Official Domain Was Suspended

Vulnerability

Pwn2Own Berlin 2026 Hits Capacity as Rejected Hackers Release 0-Days

Google Says Hackers Used AI to Develop a Zero-Day Exploit

9-Year-Old Dirty Frag Vulnerability Enables Root Access on Linux Systems

ClaudeBleed Vulnerability Lets Hackers Hijack Claude Chrome Extension to Steal Data

ShinyHunters Defaces Canvas LMS Portal, Hundreds of Universities Affected

Researcher Shows Edge Browser Stores Saved Passwords in Plaintext

Why Outdated Maintenance Software Is a Growing Ransomware Risk

Scammers Use Hidden Text to Bypass AI Email Filters in Phishing Scams

Google Fixes CVSS 10 Gemini CLI Vulnerability Enabling GitHub Issue-Based RCE

ShinyHunters’ Instructure Canvas LMS and Vimeo Breaches Impact Millions of Users

Lyrie.ai Joins First Batch of Anthropic’s Cyber Verification Program

LuxSci Launches Enterprise-Grade HIPAA-Compliant Email Security for Mid-Sized Healthcare Organizations

Criminal IP and Securonix ThreatQ Collaborate to Enhance Threat Intelligence Operations

Brinker Introduces a Novel Approach to Deepfake Detection

BreachLock Named Representative Vendor in the 2026 Gartner Market Guide for Adversarial Exposure Validation