-
OpenAI has unveiled Aardvark, an autonomous AI agent powered by its cutting-edge GPT-5 model, designed to detect software vulnerabilities and automatically propose fixes. This tool aims to entrust developers and security teams by scaling human-like analysis across vast codebases, addressing the escalating challenge of protecting software in an era where over 40,000 new Common Vulnerabilities […] The post OpenAI’s New Aardvark GPT-5 Agent that Detects and Fixes Vulnerabilities Automatically appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The discovery of a large-scale NPM ecosystem compromise in September 2025 has renewed focus on email security as the critical first line of defense against supply chain attacks. Threat actors successfully compromised multiple high-profile NPM developer…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The notorious Akira ransomware gang announced on October 29, 2025, that it successfully penetrated the systems of Apache OpenOffice, claiming to have exfiltrated a staggering 23 gigabytes of sensitive corporate data. The group posted details on its dar…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers have uncovered a sophisticated attack technique that exploits the trust relationships built into AI agent communication systems. The attack, termed agent session smuggling, allows a malicious AI agent to inject covert instructions into established cross-agent communication sessions, effectively taking control of victim agents without user awareness or consent. This discovery highlights a critical […] The post Agent Session Smuggling: How Malicious AI Hijacks Victim Agents appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In October 2025, cybersecurity researchers at Cyble Research and Intelligence Labs (CRIL) uncovered a sophisticated malware campaign distributing weaponized ZIP archives disguised as military documents. The attack specifically targeted Belarusian milit…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The U.S. Cybersecurity and Infrastructure Security Agency has added a critical Linux kernel vulnerability to its Known Exploited Vulnerabilities catalog, warning that threat actors are actively leveraging the security vulnerability in ransomware campai…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity authorities are raising urgent alarms as threat actors continue to exploit a critical vulnerability in Cisco IOS XE devices, deploying a malicious implant known as BADCANDY across networks worldwide. The Australian Signals Directorate (AS…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The notorious Akira ransomware group announced on October 29, 2025, that it successfully breached the systems of Apache OpenOffice, exfiltrating a staggering 23 gigabytes of sensitive corporate data. The group, known for its aggressive double-extortion tactics, posted details on its dark web leak site, threatening to release the information unless a ransom is paid. This […] The post Akira Ransomware Allegedly Claims Theft of 23GB in Apache OpenOffice Breach appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert about a critical use-after-free vulnerability in the Linux kernel, tracked as CVE-2024-1086. This vulnerability, hidden within the netfilter: nf_tables component, allows local attackers to escalate their privileges and potentially deploy ransomware, which could severely disrupt enterprise systems worldwide. First disclosed earlier this […] The post CISA Warns of Linux Kernel Use-After-Free Vulnerability Exploited in Attacks to Deploy Ransomware appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybercriminals and state-sponsored actors are ramping up attacks on unpatched Cisco IOS XE devices across Australia, deploying a persistent Lua-based web shell known as BADCANDY to maintain unauthorized access. This implant, first spotted in variations since October 2023, has seen renewed exploitation throughout 2024 and into 2025, exploiting the critical CVE-2023-20198 vulnerability in the software’s […] The post Hackers Exploiting Cisco IOS XE Vulnerability in the Wild to Deploy BADCANDY Web Shell appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
