Meta Signs Major AI Chip Deals With Google and AMD
Meta is expanding its AI infrastructure through separate multiyear, multibillion dollar agreements with both Google and AMD.
Read MoreApple Fixes CVE-2026-20700 Zero-Day Across iOS and macOS Family
Apple has patched CVE-2026-20700, a memory corruption bug in dyld that was exploited in attacks. Install the latest updates across iOS, macOS and related platforms to patch.
Read MoreAI-Assisted Attack Takes AWS Environment Eight Minutes To Escalate Privileges To Admin
Sysdig researchers detail how attackers used an exposed AWS credential and AI tools to access full admin control in about eight minutes – and warn about cloud misconfigurations.
Read MoreKimwolf IoT Botnet Uses Android TV Boxes And Residential Proxies To Jump To More Devices
The Kimwolf botnet has taken over more than 2 million mostly unofficial Android TV devices by abusing residential proxy networks.
Read MoreWhisperPair Vulnerabilities Expose Most Bluetooth Headsets to Audio, Microphone, and Location Takeover
WhisperPair vulnerabilities in Google’s Fast Pair protocol let attackers silently hijack some Bluetooth audio devices – listening through microphones, controling audio, and in certain cases tracking a user’s location via Find Hub. Fixes are dependent on vendor firmware updates.
Read MoreWindows 11 January Update: PCs Can’t Shut Down
A January 2026 Windows 11 update (KB5073455) is causing some Secure Launch enabled Enterprise and IoT devices to restart instead of shutting down or hibernating. A similar update causes Outlook to freeze as well.
Read MoreCritical Apex Central RCE Fixed in Build 7190
Trend Micro has patched a critical RCE vulnerability in Apex Central – plus two Denial-of-Service bugs. Update to Build 7190 as soon as possible.
Read MoreUbisoft Rolls Back Transactions After Rainbow Six Siege X Breach
Ubisoft shut down Rainbow Six Siege after attackers abused internal systems to grant billions of in game credits and rare skins, then later restored services with a rollback. Claims of a much larger Ubisoft data breach remain unverified.
Read MoreHashJack Indirect Prompt Injection Targets AI Browser Assistants
HashJack is a new indirect prompt injection technique that hides malicious instructions in URL fragments, so AI browser assistants – not the website – execute the attacker’s commands.
Read MoreUnpatched Gogs Zero-Day RCE (CVE-2025-8110) Actively Exploited
An unpatched Gogs zero-day (CVE-2025-8110) that bypasses a previous fix is being used to compromise more than 700 internet-exposed servers.
Read More