A researcher has been given the highest reward in Google’s Chrome bug bounty program for a sandbox escape with remote code execution.
The post Chrome Sandbox Escape Earns Researcher $250,000 appeared first on SecurityWeek.
Managing the Trust-Risk Equation in AI: Predicting Hallucinations Before They Strike
New physics-based research suggests large language models could predict when their own answers are about to go wrong — a potential game changer for trust, risk, and security in AI-driven systems.
The post Managing the Trust-Risk Equation in AI: Predicting Hallucinations Before They Strike appeared first on SecurityWeek.
Connex Credit Union Data Breach Impacts 172,000 People
Hackers targeted Connex, one of the largest credit unions in Connecticut, and likely stole files containing personal information.
The post Connex Credit Union Data Breach Impacts 172,000 People appeared first on SecurityWeek.
Flaws in Major Automaker’s Dealership Systems Allowed Car Hacking, Personal Data Theft
A researcher has demonstrated how a platform used by over 1,000 dealerships in the US could have been used to hack cars.
The post Flaws in Major Automaker’s Dealership Systems Allowed Car Hacking, Personal Data Theft appeared first on SecurityWeek.
Russian Hackers Exploited WinRAR Zero-Day in Attacks on Europe, Canada
WinRAR has patched CVE-2025-8088, a zero-day exploited by Russia’s RomCom in attacks on financial, defense, manufacturing and logistics companies.
The post Russian Hackers Exploited WinRAR Zero-Day in Attacks on Europe, Canada appeared first on SecurityWeek.
BadCam: New BadUSB Attack Turns Linux Webcams Into Persistent Threats
Eclypsium researchers have demonstrated a BadCam attack against Lenovo cameras, but others may be impacted as well.
The post BadCam: New BadUSB Attack Turns Linux Webcams Into Persistent Threats appeared first on SecurityWeek.
Free Wi-Fi Leaves Buses Vulnerable to Remote Hacking
Researchers showed how flaws in a bus’ onboard and remote systems can be exploited by hackers for tracking, control and spying.
The post Free Wi-Fi Leaves Buses Vulnerable to Remote Hacking appeared first on SecurityWeek.
Red Teams Jailbreak GPT-5 With Ease, Warn It’s ‘Nearly Unusable’ for Enterprise
Researchers demonstrate how multi-turn “storytelling” attacks bypass prompt-level filters, exposing systemic weaknesses in GPT-5’s defenses.
The post Red Teams Jailbreak GPT-5 With Ease, Warn It’s ‘Nearly Unusable’ for Enterprise appeared first on SecurityWeek.
CodeSecCon 2025: Where Software Security’s Next Chapter Unfolds
Taking place August 12-13, CodeSecCon is the premier virtual event bringing together developers and cybersecurity professionals to revolutionize the way applications are built, secured, and maintained.
The post CodeSecCon 2025: Where Software Security’s Next Chapter Unfolds appeared first on SecurityWeek.
Help Desk at Risk: Scattered Spider Shines Light on Overlook Threat Vector
As attackers target help desks and identity systems, traditional security perimeters are proving insufficient against agile, socially-engineered threats.
The post Help Desk at Risk: Scattered Spider Shines Light on Overlook Threat Vector appeared first on SecurityWeek.
