Google publishes exploit code threatening millions of Chromium users

Google on Wednesday published exploit code for an unfixed vulnerability in its Chromium browser codebase that threatens ...

GitHub says internal repos exfiltrated after poisoned VS Code extension attack

GitHub, the world's biggest code repository and DevOps platform, fell victim to a malicious Visual Studio Code (VS Code) ...
Infosecurity-magazine.com

Fortinet Warns Exploit Code Available for Critical Vulnerability

Sysadmins have been urged to prioritize updating a new critical vulnerability in Fortinet’s FortiSIEM solution, as exploit code is currently circulating in the wild. Published on Tuesday, ...

Nearly all firms admit they have shipped code they know is vulnerable

Organizations are rushing to push the code live, ignoring the obvious security risks.
Infosecurity-magazine.com

61% of Hackers Use New Exploit Code Within 48 Hours of Attack

In 2024, cyber-criminals have launched attacks within 48 hours of discovering a vulnerability, with 61% of hackers using new exploit code in this short timeframe. Companies faced an average of 68 days ...
Bleeping Computer

Exploit released for Palo Alto PAN-OS bug used in attacks, patch now

Update 4/16/24: Updated story with more information on how previous mitigations do not protect devices. Exploit code is now available for a maximum severity and actively exploited vulnerability in ...
Bleeping Computer

Exploit code released for critical Ivanti RCE flaw, patch now

A proof-of-concept (PoC) exploit for CVE-2024-29847, a critical remote code execution (RCE) vulnerability in Ivanti Endpoint Manager, is now publicly released, making it crucial to update devices. The ...
domain-b.com

Google reports first AI-generated zero-day exploit in cybersecurity milestone

Google’s Threat Intelligence Group reports the first known case of AI-assisted zero-day vulnerability exploitation, marking a ...