Tech & Science
New HTTP/2 Vulnerability Enables Global Denial-of-Service Attacks
SAN FRANCISCO (AP) — A critical vulnerability in the HTTP/2 protocol has been discovered that allows attackers to execute remote denial-of-service attacks against major web servers worldwide. The flaw...
Microsoft Windows Vulnerability Enables NTLM Hash Theft via Search URI Handler
SEATTLE (Reuters) - A critical unpatched vulnerability in Microsoft Windows operating systems allows attackers to steal authentication credentials through the Windows search URI handler, security rese...
Security Researcher Releases Exploit Code for Visual Studio Code Zero-Day Vulnerability
A security researcher has released exploit code for a zero-day vulnerability in Microsoft's Visual Studio Code that enables attackers to steal GitHub authentication tokens by tricking users into click...
Critical Vulnerability in HP Poly Voice Phones Exposes Enterprise Networks to Remote Attacks
SAN FRANCISCO — A critical security flaw in HP Poly Voice VoIP phones allows attackers to execute code with root privileges, potentially breaching enterprise networks globally. The vulnerability, iden...
Trump Signs Executive Order Establishing Voluntary AI Vetting Framework
WASHINGTON — President Donald Trump signed an executive order on Monday establishing a voluntary framework for federal agencies to vet advanced artificial intelligence systems for national security ri...
Microsoft Unveils New Security Tools for AI-Driven Development at Build 2026
REDMOND, Wash. (AP) — Microsoft announced a suite of new security tools and capabilities Tuesday aimed at securing code, artificial intelligence agents, and models across the entire software developme...
Malware Campaign Infects Over 116,000 Minecraft Systems Globally
LONDON (AP) — A sophisticated malware campaign dubbed WeedHack has infected more than 116,000 computer systems worldwide since January, targeting players of the popular video game Minecraft through ma...
Hackers Exploit Meta AI Flaw to Compromise High-Profile Instagram Accounts
SAN FRANCISCO — Threat actors have successfully compromised multiple high-profile Instagram accounts by exploiting a logic flaw in Meta's AI-powered account recovery assistant, security researchers co...
Google Patches 124 Android Vulnerabilities, Including Actively Exploited Zero-Day
SAN FRANCISCO — Google released a comprehensive set of security updates for the Android operating system on Monday, addressing 124 vulnerabilities, including a zero-day flaw that is currently being ex...
Anthropic Expands AI Security Initiative to 150 New Global Organizations
SAN FRANCISCO (AP) — Anthropic announced Monday a significant expansion of its Project Glasswing initiative, granting access to its AI security tool, Claude Mythos Preview, to approximately 150 new or...
CISA Orders Federal Agencies to Patch Critical Oracle WebLogic Vulnerability
WASHINGTON — The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent directive to federal agencies requiring them to patch a critical vulnerability in Oracle WebLogic Ser...
Microsoft Confirms Global Outage Affecting Multi-Factor Authentication Services
Microsoft confirmed Monday that a widespread outage is impacting its Multi-Factor Authentication (MFA) and My Sign-Ins platforms, preventing users from accessing accounts protected by the security pro...
Red Hat npm packages compromised in supply-chain attack distributing Miasma malware
More than 30 software packages under Red Hat's '@redhat-cloud-services' namespace were compromised in a supply-chain attack distributing a new variant of the Shai-Hulud credential-stealing malware dub...
Hackers win record $1.3M at Pwn2Own Berlin 2026
BERLIN — A global hacking competition concluded Saturday with researchers uncovering 47 unique zero-day vulnerabilities across enterprise software and artificial intelligence systems, setting a new pa...
Dashlane Users Locked Out After Brute-Force Attacks Trigger Security Lockdown
SAN FRANCISCO — Multiple users of the Dashlane password manager were locked out of their accounts on June 1, 2026, following a series of automated security responses triggered by suspected brute-force...
Microsoft investigates Teams and Office outage affecting European Union users
Microsoft is investigating an ongoing service disruption preventing users across the European Union from opening files in its Teams collaboration platform and Office for the web. The incident, which b...
Threat Actors Exploit Critical Windows Netlogon Vulnerability in Belgium
BRUSSELS — Threat actors are actively exploiting a critical remote code execution vulnerability in Windows Netlogon, targeting domain controllers across Belgium. The attack, identified as CVE-2026-410...
Malicious npm Package Exfiltrates OpenAI Codex Tokens
SAN FRANCISCO — A malicious code injection in a popular software development package has compromised OpenAI Codex authentication tokens, security researchers confirmed Monday. The attack, attributed t...
Iran Leverages Western AI Tools for Cyber Operations Against US and Israel
TEHRAN — Iranian state-linked cyber units are utilizing advanced Western artificial intelligence tools to develop malware and orchestrate phishing campaigns targeting the United States and Israel, mar...
Critical Linux Kernel Vulnerability Exposes Global Systems to Root Access
LONDON (May 30, 2026) — A critical security vulnerability in the Linux kernel, designated CIFSwitch, allows unprivileged users to escalate their permissions to root access on a wide range of Linux dis...
Handala Hacking Group Claims Breach of Holocaust Victim Support Center
JERUSALEM (AP) — The Handala hacking group announced Saturday that it successfully breached the computer systems of the Holocaust Victim Support Center, extracting and publishing more than two million...
California Sues 23andMe Over 2023 Data Breach Affecting 7 Million Users
SACRAMENTO (AP) — California Attorney General Rob Bonta filed a lawsuit Wednesday against Chrome Holding Co., formerly known as 23andMe, alleging the company failed to protect sensitive user data foll...
Threat Actor Exploits Marimo Network Vulnerability to Exfiltrate Database
An unknown threat actor exploited a publicly accessible Marimo network on May 10, 2026, to steal credentials and exfiltrate a PostgreSQL database using an artificial intelligence agent. The attack lev...
Security Firm Identifies Hundreds of Thousands of Exposed Web Assets on Vibe-Coding Platforms
LONDON, May 29 (AP) — Security researchers have identified more than 380,000 publicly accessible web assets on emerging "vibe-coding" platforms, revealing that over 2,000 corporate-built applications ...
Palo Alto Networks, Rapid7, Arctic Wolf Identify Active Exploitation of PAN-OS Vulnerability
SAN FRANCISCO (AP) — A medium-severity authentication bypass vulnerability in Palo Alto Networks' PAN-OS devices is being actively exploited by threat actors to establish unauthorized VPN connections ...
Dutch Authorities Take Offline 17-Million-Device Botnet in Major Cyber Operation
AMSTERDAM, May 29 (AP) — Dutch authorities dismantled a massive botnet comprising 17 million infected devices Friday, seizing more than 200 servers in a coordinated operation against cybercriminal inf...
Anthropic to Launch Mythos-Class AI Models to Public After Security Review
SAN FRANCISCO — Anthropic announced plans to make its advanced Mythos-class artificial intelligence models available to the general public, marking a significant shift from its previous stance of rest...
SANS ISC Reports Surge in Ransomware, Vaultjacking and Cryptojacking Campaigns
JACKSONVILLE, Fla. (AP) — The SANS Internet Storm Center issued a weekly security threat report Wednesday detailing a coordinated rise in ransomware, credential theft, and cryptocurrency mining attack...
BleepingComputer, Tines to Host Webinar on AI-Driven Incident Response
LONDON (Reuters) - Cybersecurity publication BleepingComputer and security automation platform Tines announced Thursday they will host a webinar focused on leveraging artificial intelligence and autom...
UK Cyberspying Chief Warns of Weaponized AI Threat from Russia
LONDON — The head of Britain's cyberspying agency warned Tuesday that artificial intelligence has become an unstoppable force, increasingly weaponized by Russia and other adversaries to target Western...