There was a way to elevate normal Linux users' privileges to root, granting threat actors admin access.

THORChain's ADR028 recovery plan covers $10.7M exploit losses through Protocol-Owned Liquidity without minting new RUNE ...

AI boosts productivity for everyone, including attackers. In this case, the technology augmented the human security research team’s efforts, enabling them to identify a weakness in Apple’s security ...

Polymarket confirms a private key compromise drained over $520K from an internal wallet. Smart contracts and user funds ...

ZachXBT reports Polymarket's UMA CTF Adapter has been exploited on Polygon, with over $520,000 reportedly drained so far.

CISA contractor exposes credentials, Mythos testing and new features, Huawei router flaw triggered telecom blackout.

The attacker behind the Verus bridge exploit has returned 4,052 Ether, worth about $8.5 million, to the project's team wallet ...

CISA added two exploited bugs to KEV, forcing federal agencies to patch Langflow and Apex One flaws by June 4, 2026.

Oliver Sild, founder of Patchstack WordPress security company, shared concerns about the security of AI API keys in WordPress 7.0, sharing that there “will be an absolute rush by hackers to steal API ...

A compromised internal wallet drained $700K from Polymarket. User funds stayed safe. Here’s what happened and how the team responded. A security incident hit Polymarket this week, shaking the ...

The easily exploited hole could give an unauthenticated threat actor site admin privileges, even across tenant boundaries.

Trump Mobile leaks 30,000 orders and customer data via simple exploit, revealing a far smaller customer base than previously ...