Mythos finds a curl vulnerability
31
votes
Showing only topics with the tag "vulnerabilities".
Back to normal view
-
-
Curl will end its bug bounty program by the end of January due to excessive AI generated reports
63 votes -
Adversaries leverage AI for vulnerability exploitation, augmented operations, and initial access
5 votes -
AI is breaking two vulnerability cultures
19 votes -
Behind the scenes hardening Firefox with Claude Mythos Preview
20 votes -
Dirty Frag, an exploit which can obtain root privileges on major Linux distributions
31 votes -
Linux privilege escalation (CVE-2026-31431)
49 votes -
The zero-days are numbered — Firefox team uses AI to find and fix vulnerabilities
38 votes -
Synthesizing multi-agent harnesses for vulnerability discovery
9 votes -
Goodbye innerHTML, Hello setHTML: Stronger XSS Protection in Firefox 148
19 votes -
AI will compromise your cybersecurity posture
8 votes -
Leaker reveals which Pixels are vulnerable to Cellebrite phone hacking
62 votes -
Unseeable prompt injections in screenshots: more vulnerabilities in Comet and other AI browsers
35 votes -
Copilot broke your audit log, but Microsoft won’t tell you
38 votes -
WinRAR zero-day under active exploitation – update to latest version immediately
40 votes -
Global hack on Microsoft SharePoint hits US, state agencies, researchers say
37 votes -
iOS Denial of Service via Darwin notifications
11 votes -
Next.js and the corrupt middleware: the authorizing artifact
20 votes -
How I hacked my company's SSO provider
18 votes -
Find my hacker: How Apple's network can be a potential tracking tool
16 votes -
Too many people don’t value the time of security researchers
22 votes -
Project Zero: Using large language models to catch vulnerabilities in real-world code
7 votes -
SS7: A mobile network operator protocol with scary vulnerabilities
29 votes -
Bypassing airport security via SQL injection
54 votes -
Maximum-severity Cisco vulnerability allows attackers to change admin passwords
26 votes -
This GitHub profile has a custom background
31 votes -
GitHub Issues Patch for Critical Exploit in Enterprise Server
8 votes -
Cyber security: A pre-war reality check
34 votes -
‘TunnelVision’ attack leaves nearly all VPNs vulnerable to spying
40 votes -
Critical vulnerability in Rust's Command library allows for command injection when using its API to invoke batch scripts with arguments on Windows systems (CVE-2024-24576)
18 votes -
Hackers can infect network-connected wrenches to install ransomware, researchers say
28 votes -
All cops are broadcasting. TETRA unlocked after decades in the shadows.
26 votes -
Incomplete disclosures by Apple and Google create “huge blindspot” for 0-day hunters
13 votes -
WinRAR zero-day exploited since April to hack trading accounts
31 votes -
A data breach at Christie’s revealed exact GPS coordinates of collectors’ artworks
25 votes -
Hackers exploited a zero-day flaw in Ivanti's software undetected for at least three months, US and Norwegian cybersecurity agencies warn
14 votes -
Apple fixes zero-days used to deploy Triangulation spyware via iMessage
8 votes -
Prompt injection: What’s the worst that can happen?
8 votes -
Prompt injection attacks against GPT-3
14 votes -
Hertzbleed - a new family of frequency side channel attacks on x86 processors
13 votes -
New Chrome zero-day bug under active attack
12 votes -
How to find dangerous Log4j libraries
1 vote -
The lead developer of curl analyzed its known security vulnerabilities and determined that half of them are related to it being written in C
12 votes -
Finding vulnerabilities in the calling state machines of video/audio messaging platforms
3 votes -
SolarWinds: New findings from our investigation of SUNBURST
6 votes -
Achilles: Over 400 vulnerabilities found in Qualcomm’s Snapdragon DSP chip, threatening the security of hundreds of millions of Android devices
17 votes -
Edison Mail vulnerability allowing unauthorized access to email accounts of other users
4 votes -
Analysis of Voatz mobile voting app by MIT researchers finds elementary security flaws
11 votes -
Firefox zero-day was used in attack against Coinbase employees, not its users
11 votes -
'RAMBleed' Rowhammer attack can now steal data, not just alter it
7 votes