How a USB-connected speaker can infect a PC without ever being touched

CTP allows devices connected via Bluetooth or USB to send commands to the speaker, such as changing LED colors and equalizer ...

Google and FBI warn of ransomware group that sends fake IT workers to hack victims in person

Cybercriminals, part of a gang known as Silent Ransom Group, have sent people pretending to be IT support employees to law ...
MIT Technology Review

The Meta hack shows there’s more to AI security than Mythos

Gong and other scholars have been issuing warnings about the security vulnerabilities of AI agents for a while. They publish ...
Bleeping Computer

CISA: Hackers now exploit SolarWinds Serv-U flaw to crash servers

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned today that hackers are now actively exploiting a recently patched high-severity SolarWinds Serv-U flaw to crash servers. Serv-U ...
CIOOpinion

The power grid runs on decades-old devices — and attackers know it

We are spending trillions to upgrade the grid for AI and EVs, but we’re still protecting it with decades-old hardware and ...
SecurityWeek

Hackers Exploit Langflow Vulnerability for Remote Code Execution

Hackers are exploiting CVE-2026-5027, a high-severity path traversal issue in Langflow, for remote code execution.
PCMag on MSN

Can a VPN Actually Protect You From Hackers? The Answer Is Complicated

From DDoS attacks to public Wi-Fi risks, here's what a VPN is effective against—and the threats that require other tools and ...

Forget Phishing: This Dangerous Hacker Group Is Physically Walking Into Offices to Steal Data—How the Scheme Works

A sophisticated ransomware group is bypassing firewalls by physically walking into corporate offices and plugging USB drives ...

Critical UniFi OS bug lets hackers gain root without authentication

Attackers can chain three already fixed vulnerabilities in the Ubiquiti UniFi OS server to execute remote code with root ...
The Hacker News

ThreatsDay Bulletin: Worm Code Leaked, AI Agent Phished, Claude Action Patch + 28 New Stories

Cybersecurity roundup: supply chain threats, AI agent risks, browser-cloning malware, mule networks, endpoint bypasses, and ...
MSN on MSN

Hackers are breaking into corporate networks through a Palo Alto VPN flaw, forging login cookies to walk straight past the password screen

Attackers are exploiting a newly cataloged flaw in Palo Alto Networks GlobalProtect VPN software to forge authentication ...