200,000 MCP servers expose a command execution flaw that Anthropic calls a feature

OX Security confirmed arbitrary command execution on six live platforms and estimates 200,000 MCP servers are exposed. Here's ...
Dark Reading

'BlueHammer' Windows Zero-Day Exploit Signals Microsoft Bug Disclosure Issues

The leak online of exploit code for an apparent Windows zero-day flaw dubbed "BlueHammer" could be the sign of a larger issue that security researchers face when collaborating with Microsoft on ...
CoinTelegraph

At least a dozen crypto entities attacked since Drift Protocol hack

Rhea Finance and the Russia-linked Grinex exchange were hacked for a combined $21 million over the past two days. At least 12 DeFi protocols and crypto businesses have been attacked in just over two ...
Wall Street Journal

AI Is Finding Bugs That Hackers Can Exploit. Get Ready for Bugmageddon.

The software bug was capable of crashing an operating system used by firewalls, servers and network appliances. It went undetected for over 27 years. Last month, it was caught by Mythos, the latest AI ...
manilatimes

Cytora and VulnCheck partner to embed exploit and vulnerability intelligence into insurance workflows

Insurers will now be able to leverage advanced exploit and vulnerability data for precise cyber risk evaluation and automated decision-making London, UK, April 09, 2026 (GLOBE NEWSWIRE)-- Cytora, the ...
Yahoo Finance

Cytora and VulnCheck partner to embed exploit and vulnerability intelligence into insurance workflows

London, UK, April 09, 2026 (GLOBE NEWSWIRE)-- Cytora, the digital risk processing platform, has announced a partnership with VulnCheck, the exploit intelligence company, in conjunction with their ...

Update Linux Now As 9-Year-Old Root Hack Confirmed, CISA Warns Users

The Cybersecurity and Infrastructure Security Agency has warned users to update their Linux systems following the discovery ...
The Hacker News

ThreatsDay Bulletin: SMS Blaster Busts, OpenEMR Flaws, 600K Roblox Hacks and 25 More Stories

SMS blasters, npm supply chain hits, and unpatched Windows flaws. Stay ahead of new phishing kits and exposed servers.
TechCrunch

Hackers are abusing unpatched Windows security flaws to hack into organizations

Hackers have broken into at least one organization using Windows vulnerabilities published online by a disgruntled security researcher over the last two weeks, according to a cybersecurity firm. On ...
Bleeping Computer

New Microsoft Defender “RedSun” zero-day PoC grants SYSTEM privileges

A researcher known as "Chaotic Eclipse" has published a proof-of-concept exploit for a second Microsoft Defender zero-day, dubbed "RedSun," in the past two weeks, protesting how the company works with ...
CoinDesk

Attacker mints $1 billion Polkadot tokens on Ethereum, ends up stealing just $250,000

Crypto hacks are nothing new, but cases where attackers take big risks and walk away with peanuts aren't common. That rare scenario played out on Sunday. An attacker exploited a vulnerability in ...
TechCrunch

Adobe fixes PDF zero-day security bug that hackers have exploited for months

Adobe has patched a vulnerability in its flagship document-reading apps, Acrobat DC, Reader DC and Acrobat 2024, that hackers have been actively exploiting for at least four months. The vulnerability, ...