HPE tells customers to patch OneView immediately as top-level security flaw spotted

A 10/10 RCE flaw was found in HPE OneView, but it's not yet being abused. [...]

CVSS scored these two Palo Alto CVEs as manageable. Chained, they gave attackers root access to 13,000 devices.

During Operation Lunar Peek in November 2024, attackers gained unauthenticated remote admin access — and eventual root — across more than 13,000 exposed Palo Alto Networks management interfaces. P [...]

Mythos autonomously exploited vulnerabilities that survived 27 years of human review. Security teams need a new detection playbook

A 27-year-old bug sat inside OpenBSD’s TCP stack while auditors reviewed the code, fuzzers ran against it, and the operating system earned its reputation as one of the most security-hardened platfor [...]

Google is suing the BadBox 2.0 botnet group

Google has filed a lawsuit against the operators of a what is believed to be the largest smart TV botnet in the world — BadBox 2.0. <br /> The company said in its complaint that this China-ba [...]

Anthropic's Claude Code Security is available now after finding 500+ vulnerabilities: how security leaders should respond

Anthropic pointed its most advanced AI model, Claude Opus 4.6, at production open-source codebases and found a plethora of security holes: more than 500 high-severity vulnerabilities that had survived [...]

Anthropic says its most powerful AI cyber model is too dangerous to release publicly — so it built Project Glasswing

Anthropic on Tuesday announced Project Glasswing, a sweeping cybersecurity initiative that pairs an unreleased frontier AI model — Claude Mythos Preview — with a coalition of twelve major technolo [...]

Microsoft patched a Copilot Studio prompt injection. The data exfiltrated anyway.

Microsoft assigned CVE-2026-21520, a CVSS 7.5 indirect prompt injection vulnerability, to Copilot Studio. Capsule Security discovered the flaw, coordinated disclosure with Microsoft, and the patch was [...]

HPE and Nvidia unveil new AI data layer and hardware for enterprise applications

Hewlett Packard Enterprise (HPE) and Nvidia have unveiled new hardware and software solutions for enterprise AI applications at Nvidia GTC 2025.<br /> The article HPE and Nvidia unveil new AI da [...]

Prosecutors charge man who allegedly used botnet to take down X this spring

An Oregon man has been charged in a federal complaint today on allegations of operating a botnet for hire that conducted cyberattacks beginning at least in 2021. Ethan Foltz has been accused of runnin [...]