Apple's A12 and A13 Chips Facing New Unpatchable Exploit

Security research firm Paradigm Shift today published details of a new BootROM vulnerability affecting Apple's A12 and A13 ...
The Hacker News

Apple Patches Beats Studio Buds Flaw Letting Nearby Attackers Spy via Microphone

Apple fixed CVE-2025-20701 in Beats Studio Buds firmware 1B211, closing a Bluetooth pairing flaw that could allow nearby ...
The Hacker News

Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week

Attackers are exploiting three Fortinet FortiSandbox flaws, including one patched last week, risking auth bypass and command ...

Critical Copilot vulnerability allowed hackers to steal 2FA code from users

Last Tuesday, Microsoft patched a vulnerability it rated as max critical in its M365 Copilot AI platform. On Monday, the ...

The first unpatchable iPhone exploit in six years targets chips still running Apple's latest iOS

Security researchers at Paradigm Shift have published the first iPhone bootROM exploit in years. The process, called ...

New unpatchable exploit targets Apple devices with A12 and A13 chips

Researchers at Paradigm Shift have published the technical details of usbliter8, a new unpatchable iPhone BootROM ...

Anthropic Research Shows Mythos Model Built Working Exploits For Newly Disclosed Software Flaws In Hours

New research shows that the time required to convert flaws into working exploits has narrowed significantly with Anthropic's ...
SecurityWeek

Critical Command Execution Vulnerability Patched in Cisco ISE

Cisco has patched a critical-severity ISE and ISE-PIC vulnerability that could allow attackers to gain root access to the ...
SecurityWeek

‘GreatXML’ Zero-Day Exploit Bypasses BitLocker

GreatXML, a new Windows BitLocker bypass exploit, targets a zero-day vulnerability in Microsoft Defender’s offline scan.

Microsoft Copilot vulnerability could allow attackers to exfiltrate 2FA codes and enterprise data

Security researchers identify "SearchLeak" vulnerability in Microsoft Copilot that allows attackers to exfiltrate 2FA codes ...

How To Protect Against Zero-Day Vulnerabilities And Long-Term Risk

As organizations rely more heavily on interconnected systems, cloud platforms and AI, hidden flaws can create risks that ...

Aztec hit by second $2.1M exploit in less than week: SlowMist

Deprecated Aztec infrastructure has suffered a second exploit within days, adding to concerns about the security of abandoned smart contract infrastructure. Aztec’s private rollup bridge was exploited ...