Research Archives

The Claude AI logo is displayed on the screen of a smartphone placed on a reflective surface onto which lines of computer code are projected. Following the release of Claude Opus 4.6 on February 5, Anthropic continues to challenge its main competitors in the generative AI market in Creteil, France, on February 6, 2026. (Photo by Samuel Boivin/NurPhoto via Getty Images)

Flaw in Claude’s Chrome extension allowed ‘any’ other plugin to hijack victims’ AI

Agentic AI is more popular than ever, but researchers keep finding trivial ways to hijack LLMs for nefarious purposes.

18 hours ago By Derek B. Johnson

Palo Alto Networks headquarters in Silicon Valley; Palo Alto Networks, Inc. is an American multinational cyber security company. (Getty Images)

A critical Palo Alto PAN-OS zero-day is being exploited in the wild

The vendor hasn’t released a patch for the vulnerability or described the scope and objective of confirmed attacks.

2 days ago By Matt Kapko

‘Copy Fail’ is a real Linux security crisis wrapped in AI slop

The actively exploited defect could affect every mainstream Linux distribution built since 2017, but some researchers found Theori’s AI-generated disclosure unhelpful and lacking.

4 days ago By Matt Kapko

cPanel’s authentication bypass bug is being exploited in the wild, CISA warns

The agency added the flaw to the KEV list days after hosting providers confirmed active, ongoing attacks.

Apr 30, 2026 By Greg Otto

Two new extortion crews are speedrunning the Scattered Spider playbook

CrowdStrike says The Com-affiliated threat groups are using voice phishing and fake SSO pages to break into SaaS environments and steal data fast for extortion.

Apr 30, 2026 By Matt Kapko

Chinese national extradited to US for pandemic-era Silk Typhoon attacks

Xu Zewei was allegedly directed by China’s intelligence services to conduct a sweeping espionage campaign to steal data on COVID-19 research and other U.S. policy interests.

Apr 27, 2026 By Matt Kapko

US, UK agencies warn hackers were hiding on Cisco firewalls long after patches were applied

Investigators found the malware, dubbed Firestarter, on a federal agency's network in a campaign dating back to at least September 2025.

Apr 23, 2026 By Greg Otto

Arik Ashkenazi, chief engineer at the Ein Netafim wastewater treatment plant, walks between water clarifier basins at the facility in Israel’s southern Red Sea port city of Eilat on July 13, 2023. Hemmed in between the Red Sea and a desert, isolated from the rest of Israel and with no natural freshwater, Eilat’s drinking water is a combination of desalinated groundwater and sea water. After its domestic use turns it into sewage, it is treated and then allocated to farmers, enabling the arid region to support an agricultural industry. While Eilat used to be the exception in Israel’s water management, it is now more of a prototype for the country and perhaps to the world. (Photo by MENAHEM KAHANA / AFP) (Photo by MENAHEM KAHANA/AFP via Getty Images)

Dragos: Despite AI use, new malware targeting water plants is ‘hype’

ZionSiphon was designed to find and sabotage Israelis’ water supply. An OT expert said it appears to be ineffective and the work of amateurs using AI.

Apr 23, 2026 By Derek B. Johnson

Mobile phone antennas at sunset; fhm, Getty Images

Surveillance campaigns use commercial surveillance tools to exploit long-known telecom vulnerabilities

Researchers said it’s the first-ever mapping of attack traffic to mobile operator signalling infrastructure.

Apr 23, 2026 By Tim Starks

Network ‘background noise’ may predict the next big edge-device vulnerability

GreyNoise researchers spotted a consistent trend in forthcoming vulnerabilities affecting security tools, providing defenders an early-warning system for likely imminent attacks.

Apr 20, 2026 By Matt Kapko