Author: Robert Timlick

  • Microsoft Defender RoguePlanet Zero-Day Grants SYSTEM Access on Updated Windows

    Microsoft Defender RoguePlanet Zero-Day Grants SYSTEM Access on Updated Windows

    The anonymous security researcher going by the name Chaotic Eclipse (aka Nightmare-Eclipse) has released a proof-of-concept (PoC) exploit for yet another Microsoft Defender zero-day named RoguePlanet.

    “The exploit is a race condition, so it’s a hit or miss,” the researcher, who published the exploit under a new GitHub account, “MSNightmare” said. “I have managed to get a 100% success rate on

  • Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS

    Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS

    Cybersecurity researchers have flagged half a dozen vulnerabilities in protobuf.js, a JavaScript and TypeScript implementation of Protocol Buffers (Protobuf), that, if successfully exploited, could result in remote code execution (RCE) and denial-of-service (DoS) attacks.

    “In affected environments, a single malicious protobuf schema, descriptor, or crafted payload could be enough to trigger

  • Meta to Use Off-Site Business Data for Feed and AI Personalization

    Meta on Tuesday announced that it will use information shared by other businesses to personalize users’ feed and responses from its artificial intelligence (AI) chatbot, expanding its scope beyond targeted ads.

    “Businesses often share information about people’s activity on their sites with us to make ads more relevant,” Meta said in a statement.

    “We already use this data – like games you play

  • Microsoft Restores Some GitHub Repos, Keeps Others Offline as Miasma Probe Continues

    Microsoft Restores Some GitHub Repos, Keeps Others Offline as Miasma Probe Continues

    Microsoft on Monday confirmed that it temporarily removed some GitHub repositories in response to a recent security incident that led to 73 of its open-source projects being compromised to inject an information stealer into the code.

    “Our priority is to protect customers and the broader ecosystem,” a Microsoft spokesperson told The Hacker News via email. “We temporarily removed some

  • WinRAR Flaw Exploited by Russia-Aligned Groups to Deploy Stealers in Ukraine

    WinRAR Flaw Exploited by Russia-Aligned Groups to Deploy Stealers in Ukraine

    Two Russia-aligned cyber attack campaigns have continued to exploit a security flaw in WinRAR to target Ukrainian organisations, almost a year after patches for the vulnerability were released.

    The activity has been attributed by Trend Micro to Earth Dahu (aka Gamaredon) and SHADOW-EARTH-066 (aka UAC-0226). It involves the exploitation of CVE-2025-8088, a path traversal flaw that allows an

  • The Hidden Security Risk in Modern Networks: The Work Between Tools

    The Hidden Security Risk in Modern Networks: The Work Between Tools

    Organizations have more visibility than ever. Growing tech stacks provide greater coverage, and network security teams are increasingly adopting AI and automation to help with routine tasks and reduce manual effort.

    But the same challenges persist. Outages still last hours, causing significant financial losses, operational disruption, and reputational impact. Threat response and mean time to

  • New FROST Attack Lets Websites Track What Sites and Apps You Open via SSD Timing

    New FROST Attack Lets Websites Track What Sites and Apps You Open via SSD Timing

    A malicious website can work out which sites you visit and which apps you open, using nothing but JavaScript and the timing of your SSD. The attack, called FROST, needs no native code, no extension, and no permission prompt.

    You open the page, leave the tab sitting there, and it watches the drive for contention in the background.

    Researchers at Graz University of Technology built it and

  • LiteLLM Flaw CVE-2026-42271 Exploited in the Wild, Chains to Unauthenticated RCE

    The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity flaw impacting BerriAI LiteLLM to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.

    The vulnerability, tracked as CVE-2026-42271 (CVSS score: 8.7), is a command injection vulnerability that could allow any authenticated user to run arbitrary commands on the

  • Oregon Journalism Project: Former U.S. Sen. Bob Packwood dies at 93

    Oregon Journalism Project: Former U.S. Sen. Bob Packwood dies at 93

    Free news: This story was produced by the Oregon Journalism Project, a nonprofit investigative newsroom for the state of Oregon.
  • One-Character Linux Kernel Flaw Enables Local Root Access, Exploits Now Public

    One-Character Linux Kernel Flaw Enables Local Root Access, Exploits Now Public

    Security researchers have published a detailed, working exploit for a Linux kernel use-after-free that lets an unprivileged local user escalate to root and break out of a container.

    The flaw, CVE-2026-23111, sits in the kernel’s nf_tables packet-filtering code and was patched upstream on February 5, 2026. Exodus Intelligence released its full technical walkthrough on June 8, and it is not even