An almost two-decade-old Excel vulnerability is being actively exploited by bad actors

The little exploit that could.
Windows Report

RedSun Exploit Hits Microsoft Defender Zero-Day, Grants SYSTEM Access

RedSun exploit targets Microsoft Defender zero-day, granting SYSTEM access on fully patched Windows systems with no patch available.
XDA Developers on MSN

Claude Mythos can exploit decades-old vulnerabilities, but Anthropic is keeping it locked down

Anthropic's latest model needs to be kept under lock and key, but for how long?
Security Boulevard

Claude Mythos and the AI Vulnerability Arms Race – What CISOs Must Know Now

Claude Mythos discovered vulnerabilities that survived 27 years of human review. This technical breakdown covers how it works ...
The Hacker News

Microsoft Issues Patches for SharePoint Zero-Day and 168 Other New Vulnerabilities

Microsoft fixes 169 vulnerabilities including exploited SharePoint CVE-2026-32201, prompting CISA remediation by April 28, ...

Claude Opus wrote a Chrome exploit for $2,283

In a blog post on Wednesday, Mohan Pedhapati (s1r1us), CTO of Hacktron, described how he used Opus 4.6 to create a full ...

Disgruntled researcher leaks “BlueHammer” Windows zero-day exploit

Exploit code has been released for an unpatched Windows privilege escalation flaw reported privately to Microsoft, allowing ...
Dark Reading

Can Anthropic Keep Its Exploit-Writing AI Out of the Wrong Hands?

Its Mythos Preview model, which can allegedly find and exploit critical zero-days, also comes with certain controls, the ...

SANS Institute, Cloud Security Alliance, [un]prompted, and OWASP GenAI Security Project Release Emergency Strategy Briefing as AI-Driven Vulnerability Discovery Co…

Building a Mythos-Ready Security Program” delivers a risk register, 11 priority actions, and board briefing framework built ...

Hackers Exploit Adobe PDF Flaw for Months to Steal Data, No Fix Yet

A critical Adobe Acrobat zero-day has been exploited for months via malicious PDFs to steal data and potentially take over ...

Angry Hacker Drops Microsoft Zero-Day Exploit, 1 Billion Users Warned

A security researcher frustrated with Microsoft has released the BlueHammer Windows zero-day exploit, telling the company, “I ...
Infosecurity-magazine.com

Vulnerability Exploit Assessment Tool EPSS Exposed to Adversarial Attack

In a new proof-of-concept, endpoint security provider Morphisec showed that the Exploit Prediction Scoring System (EPSS), one of the most widely used frameworks for assessing vulnerability exploits, ...