200,000 MCP servers expose a command execution flaw that Anthropic calls a feature

OX Security confirmed arbitrary command execution on six live platforms and estimates 200,000 MCP servers are exposed. Here's ...

Hackers exploit RCE flaws in Qinglong task scheduler for cryptomining

Hackers are exploiting two authentication bypass vulnerabilities in the Qinglong open-source task scheduling tool to deploy ...
Bleeping Computer

Disgruntled researcher leaks “BlueHammer” Windows zero-day exploit

Exploit code has been released for an unpatched Windows privilege escalation flaw reported privately to Microsoft, allowing attackers to gain SYSTEM or elevated administrator permissions. Dubbed ...
TechRepublic

‘BlueHammer’ Exploit Targets Windows, Potentially Impacting 1 Billion+ Devices

A researcher released a working ‘BlueHammer’ Windows zero-day exploit that could impact over 1 billion devices, granting SYSTEM-level access and leaving no patch yet. A disgruntled security researcher ...
Dark Reading

'BlueHammer' Windows Zero-Day Exploit Signals Microsoft Bug Disclosure Issues

The leak online of exploit code for an apparent Windows zero-day flaw dubbed "BlueHammer" could be the sign of a larger issue that security researchers face when collaborating with Microsoft on ...
CoinTelegraph

At least a dozen crypto entities attacked since Drift Protocol hack

Rhea Finance and the Russia-linked Grinex exchange were hacked for a combined $21 million over the past two days. At least 12 DeFi protocols and crypto businesses have been attacked in just over two ...
Wall Street Journal

AI Is Finding Bugs That Hackers Can Exploit. Get Ready for Bugmageddon.

The software bug was capable of crashing an operating system used by firewalls, servers and network appliances. It went undetected for over 27 years. Last month, it was caught by Mythos, the latest AI ...
Yahoo Finance

Cytora and VulnCheck partner to embed exploit and vulnerability intelligence into insurance workflows

London, UK, April 09, 2026 (GLOBE NEWSWIRE)-- Cytora, the digital risk processing platform, has announced a partnership with VulnCheck, the exploit intelligence company, in conjunction with their ...
CoinDesk

Attacker mints $1 billion Polkadot tokens on Ethereum, ends up stealing just $250,000

Crypto hacks are nothing new, but cases where attackers take big risks and walk away with peanuts aren't common. That rare scenario played out on Sunday. An attacker exploited a vulnerability in ...
TechCrunch

Adobe fixes PDF zero-day security bug that hackers have exploited for months

Adobe has patched a vulnerability in its flagship document-reading apps, Acrobat DC, Reader DC and Acrobat 2024, that hackers have been actively exploiting for at least four months. The vulnerability, ...
Forbes

Adobe Attacks Underway—Windows And Mac Users Given 72 Hours To Update

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. This voice experience is generated by AI. Learn more. This ...