Checkmarx Unveils Next Generation SAST Engine with Hybrid AI Architecture

Checkmarx today unveiled Checkmarx SAST, which the company said is the first static analysis engine with a security-tuned LLM ...
IEEE

MOCGuard: Automatically Detecting Missing-Owner-Check Vulnerabilities in Java Web Applications

Abstract: Java web applications have been extensively utilized for hosting and powering high-value commercial websites. However, their intricate complexities leave them susceptible to a critical ...
Dark Reading

AI-Assisted Exploit Development Outpaces Scanner Detection

Attackers have reduced the time to develop an exploit for a known vulnerability from 125 days to a mere half a day, thanks to the use of AI-assisted development, leaving vulnerability scanners ...
SecurityWeek

Nation-State iOS Exploit Kit ‘Coruna’ Found Powering Global Attacks

Google and iVerify analysis reveals a powerful exploit kit originally used by Russian state actors that is now appearing in broader criminal campaigns. Multiple iOS exploits and five exploit chains ...
Forbes

Microsoft Confirms Active 0-Day Exploit—Check Emergency Mitigation

This voice experience is generated by AI. Learn more. This voice experience is generated by AI. Learn more. Microsoft confirms Exchange zero-day, CISA warns it's under active exploitation. Updated May ...
CoinTelegraph

THORChain pauses trading after suspected $10M exploit

THORChain paused trading after ZachXBT flagged a suspected $10 million exploit spanning Bitcoin, Ethereum, BNB Chain and Base. Decentralized liquidity protocol THORChain halted trading after ...
Windows Report

RedSun Exploit Hits Microsoft Defender Zero-Day, Grants SYSTEM Access

A newly released proof-of-concept exploit called RedSun is raising serious concerns around Microsoft Defender security. The exploit allows attackers to gain full SYSTEM-level access even on fully ...
TechRepublic

Hackers Exploit Adobe PDF Flaw for Months to Steal Data, No Fix Yet

A critical Adobe Acrobat zero-day has been exploited for months via malicious PDFs to steal data and potentially take over systems, with no patch yet available. Attackers have been exploiting a ...
Forbes

Angry Hacker Drops Microsoft Zero-Day Exploit, 1 Billion Users Warned

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. This voice experience is generated by AI. Learn more. This ...
TechRepublic

‘BlueHammer’ Exploit Targets Windows, Potentially Impacting 1 Billion+ Devices

A researcher released a working ‘BlueHammer’ Windows zero-day exploit that could impact over 1 billion devices, granting SYSTEM-level access and leaving no patch yet. A disgruntled security researcher ...
GitHub

POOPS PS5 - BD-J Kernel Exploit & ELF Loader

A complete Java port of the poops_ps5.lua IPv6 UAF kernel exploit originally developed by Gezine and egycnq, based on the ExploitNetControlImpl vulnerability discovered by TheFlow. This project is ...