Hackers exploit file upload bug in Breeze Cache WordPress plugin

Hackers are actively exploiting a critical vulnerability in the Breeze Cache plugin for WordPress that allows uploading ...

Weak security means attackers could disable all of a city's public EV chargers

Black Hat Asia Developers of rented internet of things infrastructure – stuff like public EV chargers and shared e-bikes – ...

Canada arrests three for operating “SMS blaster” device in Toronto

Canadian authorities have arrested three men for operating an "SMS blaster" device that pretends to be a cellular tower to ...

Unpatched Windows zero-days RedSun, UnDefend, and BlueHammer are being attacked

The zero-day vulnerabilities in Windows Defender named BlueHammer, RedSun, and UnDefend are apparently being attacked.

Microsoft Defender Flaws Exploited on Windows, Two Left Unpatched

Although the team with Microsoft moved swiftly to patch the BlueHammer vulnerability, other exploits still threaten Microsoft ...

FBI offers urgent guidance on securing home routers after disrupting Russian intelligence hacking network

The FBI says Russian GRU hackers exploited vulnerable home and office routers in the U.S. and offers tips to protect your ...

Key tool of shoplifters and car thieves to be banned

Signal jamming devices that allow shoplifters to disable security tags and burglars to steal cars are set to be banned.
Tech Digest

Thieves can drain your funds from a locked iPhone with this trick

Cybersecurity researchers have demonstrated a sophisticated exploit that allows thieves to siphon thousands of pounds from a ...

'Like handing out the blueprint to a bank vault': Why AI led one company to abandon open source

'Like handing out the blueprint to a bank vault': Why AI led one company to abandon open source ...
Council on Foreign RelationsOpinion

Six Reasons Claude Mythos Is an Inflection Point for AI—and Global Security

Anthropic’s new AI model has taught itself to hack into software infrastructure systems believed to be among the most secure ...
The Hacker News

Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover

CVE-2026-33032 exposes nginx-ui to unauthenticated takeover via MCP endpoint, impacting 2,600+ instances with active ...

AI Expansion, Security Crises, and Workforce Upheaval Define This Week in Tech

AI breakthroughs, zero-day exploits, and layoffs reveal how this week’s tech news pivots on fast-moving artificial ...