The Hacker NewsJun 10, 2026Pentesting / Security Validation Your pentest report looks clean. That might be the problem. Run automated pentesting long enough, and the new findings start to dry up. By the third or fourth run, fewer issues appear.… Read More "Your Automated Pentest Looks Clean. See What It Missed in This Expert Webinar"
The researcher said their exploit uses a race condition problem affecting Microsoft Defender, giving attackers less than a hundred percent odds at success, which can potentially allow SYSTEM-level privilege on even freshly updated Windows. As before, the exploit arrives just… Read More "Microsoft feud escalates as researcher drops new Windows zero-day"
ESET researchers uncovered a multiplatform supply-chain attack by North Korea-aligned APT group ScarCruft, targeting the Yanbian region in China – home to ethnic Koreans and a crossing point for North Korean refugees and defectors. In the attack, probably ongoing since… Read More "ScarCruft compromises gaming platform in a supply-chain attack"
Just days after expanding its cybersecurity-focused frontier AI program, Project Glasswing, Anthropic released two new models, Claude Mythos 5 and Claude Fable 5. Mythos 5 has been presented by Anthropic as “an upgrade to Claude Mythos Preview” and the AI… Read More "New Anthropic Fable 5 Is a “Mythos-Class” LLM Available to All"
Ahead of this year’s World Cup, Amnesty International warned that millions of fans attending the tournament are at risk of attacks on their human rights, especially in the United States. The organization added that the tournament, which will also be… Read More "Amnesty International Warns That World Cup Fans Face Potential Human Rights Violations"
In my previous column, I offered some suggestions to help security teams avoid being blindsided when AI applications are moved into production. In this piece, I’d like to offer some thoughts on what is required for security teams to efficiently… Read More "After AI Reaches Production: 12 Ways Security Teams Can Take Control"
Ravie LakshmananJun 10, 2026Zero-Day / Vulnerability The anonymous security researcher going by the name Chaotic Eclipse (aka Nightmare-Eclipse) has released a proof-of-concept (PoC) exploit for yet another Microsoft Defender zero-day named RoguePlanet. “The exploit is a race condition, so it’s… Read More "Microsoft Defender RoguePlanet Zero-Day Grants SYSTEM Access on Updated Windows"
“Agentic AI is really the intersection of all of the cybersecurity risks that come with traditional software systems along with all of the AI security and safety risks,” he says. AI is a team sport, too Bryan points to Microsoft’s… Read More "AI red teaming comes of age"
How come it’s still possible to ‘secure’ an online account with a six-digit string? 07 May 2026 • , 4 min. read The most-used password globally is exactly what you think it is: ‘123456.’ That’s according to NordPass’s latest annual… Read More "Fixing trivial passwords is as easy as 123456"
Google Cloud’s operations chief said the tech giant does not plan to release a separate, cyber‑focused frontier model like Anthropic’s Clause Mythos. Instead, Google believes high‑quality generalist AI models, like Gemini 3.1 Pro, Google’s latest large language model (LLM), are… Read More "Google Favors General‑Purpose Gemini Models Over Cybersecurity‑Specif"
