From the BlueHammer author: New Windows zero-day grants admin rights

The exploit uses an insecure behavior of Windows Defender and a file API to secure system rights. It is still unpatched.
Appuals

How To Fix Zenless Zone Zero “Unity Error” On PC

The “ZenlessZoneZero - Unity 2019.4.40f1_0d9cc85b4” message on PC is usually the title of a Unity crash window that appears ...

New Microsoft Defender “RedSun” zero-day PoC grants SYSTEM privileges

A researcher known as "Chaotic Eclipse" has published a proof-of-concept exploit for a second Microsoft Defender zero-day, ...
Security Boulevard

Payouts King Takes Aim at the Ransomware Throne

IntroductionIn February 2022, BlackBasta emerged as a successor to Conti ransomware and quickly rose to prominence. BlackBasta was operational for three years until February 2025 when their internal ...

Mozilla launches Thunderbolt AI client with focus on self-hosted infrastructure

Mozilla is the latest legacy tech brand to make a play for the enterprise AI market. But the company behind Firefox and ...
Windows Report

Anthropic's New Claude Opus 4.7 Model Edges Past GPT-5.4 in Agentic Coding Benchmarks

Anthropic rolls out Claude Opus 4.7 with major gains in agentic coding, improved vision, and tighter safeguards, positioning it ahead of GPT-5.4 in complex tasks.
The Hacker News

Newly Discovered PowMix Botnet Hits Czech Workers Using Randomized C2 Traffic

PowMix targets Czech workforce since Dec 2025 using jittered C2 and ZIP phishing, enabling stealthy remote access and ...
Security Boulevard

A fake Slack download is giving attackers a hidden desktop on your machine

This trojanized Slack installer looks normal, but quietly gives attackers an invisible desktop to access your accounts and ...

OpenAI expands Codex beyond coding with computer use, memory, and plugins

This major update marks a significant shift for OpenAI, as it positions the Codex desktop app not just as a chatbot but as a ...
CPO Magazine

Axios Supply Chain Attack Hits OpenAI: Users Urged to Update macOS Certificates

The supply chain attack on third-party library Axios has forced OpenAI to revoke its code-signing certificate and require ...
Macworld

Apple still doesn’t get iPad pros

As iPadOS evolves, Apple has been trying new ways to make it more “pro” and Mac-like. However, the iPad still behaves very ...
KrASIA

Meituan’s GN06 unit builds Tabbit, an AI browser aimed at saving users time

Two and a half years after Light Year (Guangnian Zhiwai) was folded into Meituan, the team now known as GN06 is still working ...