openai

OpenAI Shifts the Remediation Paradox: From Finding Bugs to Patching Them

OpenAI releases GPT-5.5-Cyber and the Patch the Planet initiative. AI has solved vulnerability discovery, creating a larger problem: t…

Jun 23, 2026views - 1.2k

CYBERSEC

Tata Electronics Breach: 200,000 Files Leaked, Apple and Tesla Secrets Appear on Dark Web

Tata Electronics confirmed a cybersecurity incident on June 22, 2026, stating it occurred "a few weeks ago" with no operational impact…

Jun 23, 2026views - 2.1k

CYBERSECEXPLOIT

usbliter8: Unpatchable Exploit Hits Apple A12/A13 SecureROM

Paradigm Shift releases usbliter8, an unpatchable hardware exploit achieving arbitrary EL1 execution in Apple A12/A13 SecureROM via th…

Jun 19, 2026views - 1.1k

aiCRITICAL

AutoJack: A Single Web Page Hijacks AI Agents to Execute Code on the Host

Microsoft Security has disclosed AutoJack, a three-vulnerability chain in AutoGen Studio that turns browsing-capable AI agents into ve…

Jun 19, 2026views - 974

CYBERSEC

Apple Beats: Bluetooth Flaw Turns Headphones Into Spy Microphones

Apple patched CVE-2025-20701 in Beats Studio Buds: attackers within Bluetooth range could eavesdrop on conversations by exploiting a f…

Jun 18, 2026views - 879

malware

Lorem Ipsum Pivots to ClickFix After Fox Tempest Takedown

BlueVoyant reports the Lorem Ipsum malware abandoned signed Microsoft Teams installers for ClickFix tactics on compromised WordPress s…

Jun 16, 2026views - 783

CYBERSEC

GhostTree: The NTFS Attack That Freezes EDR

Varonis Threat Labs disclosed GhostTree, an evasion technique that neutralizes Windows Defender using recursive NTFS junctions — no el…

Jun 16, 2026views - 954

VULNCRITICAL

Vertex AI SDK: Cross-Tenant Bucket Squatting Enabled RCE

Google Cloud Vertex AI SDK versions 1.139.0 through 1.140.0 were vulnerable to cross-tenant bucket squatting leading to remote code ex…

Jun 16, 2026views - 907

malware

DragonForce Weaponizes Microsoft Teams TURN Relays for Stealth C2

The DragonForce ransomware group deployed Backdoor.Turn, the first documented in-the-wild malware to abuse Microsoft Teams' legitimate…

Jun 16, 2026views - 822

VULNCVE

CVE-2026-11645: Google Patches Fifth Chrome Zero-Day of 2026

Google has released a critical patch for CVE-2026-11645, a zero-day vulnerability in Chrome's V8 engine. With an exploit active in the…

Jun 12, 2026views - 753

CYBERSECZERO-DAY

Microsoft Patches Actively Exploited Exchange Zero-Day, Mandates Dual-Layer Defense

Microsoft has released a permanent patch for CVE-2026-42897, an XSS zero-day in Exchange OWA. Despite the update, the EEMS mitigation…

Jun 10, 2026views - 843

VULNEXPLOIT

RoguePlanet: Zero-Day Exploit (CVE-2026-42897) Hits Fully Patched Windows 10 and 11 Systems

RoguePlanet (CVE-2026-42897) leverages a race condition in Microsoft Defender to gain SYSTEM privileges on Windows 10 and 11 devices,…

Jun 10, 2026views - 882