SecurityWeek

No Patch for New PhantomRPC Privilege Escalation Technique in Windows

The PhantomRPC Windows vulnerability allows attackers to elevate their privileges to System by using a fake RPC server.
Dark Reading

Unpatched 'PhantomRPC' Flaw in Windows Enables Privilege Escalation

A researcher discovered five different exploit paths that stem from an architectural weakness in Windows' Remote Procedure ...
IEEE

Exploit Security for Low-Altitude Economy: A SWIPT-Driven Strategy With UAV-Mounted MF-RIS

Abstract: The low-altitude economy (LAE) is emerging as a critical enabler for next-generation (6G) networks. In this correspondence, we propose a secure and energy-efficient simultaneous wireless ...
Futurism

Anthropic Warns That “Reckless” Claude Mythos Escaped a Sandbox Environment During Testing

Add Futurism (opens in a new tab) More information Adding us as a Preferred Source in Google by using this link indicates that you would like to see more of our content in Google News results. In a ...
Forbes

Angry Hacker Drops Microsoft Zero-Day Exploit, 1 Billion Users Warned

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. This voice experience is generated by AI. Learn more. This ...
TechRepublic

‘BlueHammer’ Exploit Targets Windows, Potentially Impacting 1 Billion+ Devices

A disgruntled security researcher has made good on a threat. A security researcher going by the aliases Chaotic Eclipse and Nightmare-Eclipse published exploit code for a Windows privilege escalation ...
Windows Report

Windows BlueHammer Zero-Day Lets Attackers Gain SYSTEM Access

Microsoft is dealing with a newly disclosed zero-day vulnerability in Windows that could allow attackers to gain full system control, with no official fix available yet. The flaw, called BlueHammer, ...
Bleeping Computer

Disgruntled researcher leaks “BlueHammer” Windows zero-day exploit

Exploit code has been released for an unpatched Windows privilege escalation flaw reported privately to Microsoft, allowing attackers to gain SYSTEM or elevated administrator permissions. Dubbed ...
Bleeping Computer

Hackers exploit React2Shell in automated credential theft campaign

Hackers are running a large-scale campaign to steal credentials in an automated way after exploiting React2Shell (CVE-2025-55182) in vulnerable Next.js apps. At least 766 hosts across various cloud ...
CoinDesk

Drift says $270 million exploit was a six-month North Korean intelligence operation

A six-month intelligence operation preceded the $270 million exploit of Drift Protocol and was carried out by a North Korean state-affiliated group, according to a detailed incident update published ...
New York Post

Google issues 2nd security warning in days over Chrome browser attacks

It’s a case of search-engine failure. Google has issued a security alert to Chrome users after confirming that cybercriminals had exploited a vulnerable system, marking the second such advisory in ...
CoinTelegraph

Drift sends onchain message to wallets tied to $280M exploit

Drift Protocol initiated onchain contact with wallets tied to the $280 million exploit as an unknown sender also attempts to pressure the attacker. Drift Protocol, a Solana-based decentralized ...