WhatsApp told SecurityWeek that the two low-impact vulnerabilities cannot be used for arbitrary code execution.
The post $1M WhatsApp Hack Flops: Only Low-Risk Bugs Disclosed to Meta After Pwn2Own Withdrawal appeared first on SecurityWeek.
Critical Windows Server WSUS Vulnerability Exploited in the Wild
CVE-2025-59287 allows a remote, unauthenticated attacker to execute arbitrary code and a PoC exploit is available.
The post Critical Windows Server WSUS Vulnerability Exploited in the Wild appeared first on SecurityWeek.
Pwn2Own WhatsApp Hacker Says Exploit Privately Disclosed to Meta
Questions have been raised over the technical viability of the purported WhatsApp exploit, but the researcher says he wants to keep his identity private.
The post Pwn2Own WhatsApp Hacker Says Exploit Privately Disclosed to Meta appeared first on SecurityWeek.
AI Sidebar Spoofing Puts ChatGPT Atlas, Perplexity Comet and Other Browsers at Risk
SquareX has shown how malicious browser extensions can impersonate AI sidebar interfaces.
The post AI Sidebar Spoofing Puts ChatGPT Atlas, Perplexity Comet and Other Browsers at Risk appeared first on SecurityWeek.
Mobile Security: Verizon Says Attacks Soar, AI-Powered Threats Raise Alarm
Verizon’s 2025 Mobile Security Index shows that 85% of organizations believe mobile device attacks are on the rise.
The post Mobile Security: Verizon Says Attacks Soar, AI-Powered Threats Raise Alarm appeared first on SecurityWeek.
Hackers Earn Over $520,000 on First Day of Pwn2Own Ireland 2025
Participants exploited 34 previously unknown vulnerabilities to hack printers, NAS devices, and smart home products.
The post Hackers Earn Over $520,000 on First Day of Pwn2Own Ireland 2025 appeared first on SecurityWeek.
CISA Confirms Exploitation of Latest Oracle EBS Vulnerability
The cybersecurity agency has added CVE-2025-61884 to its Known Exploited Vulnerabilities (KEV) catalog.
The post CISA Confirms Exploitation of Latest Oracle EBS Vulnerability appeared first on SecurityWeek.
American Airlines Subsidiary Envoy Air Hit by Oracle Hack
Envoy Air, which operates the American Eagle brand, has confirmed that business information was stolen by hackers.
The post American Airlines Subsidiary Envoy Air Hit by Oracle Hack appeared first on SecurityWeek.
China Accuses US of Cyberattack on National Time Center
The Ministry of State Security alleged that the NSA exploited vulnerabilities in the messaging services of a foreign mobile phone brand to steal sensitive information.
The post China Accuses US of Cyberattack on National Time Center appeared first on SecurityWeek.
Prosper Data Breach Impacts 17.6 Million Accounts
Hackers stole names, addresses, dates of birth, email addresses, Social Security numbers, government IDs, and other information.
The post Prosper Data Breach Impacts 17.6 Million Accounts appeared first on SecurityWeek.
