Bleeping Computer

New 'HTTP/2 Bomb' DoS attack crashes web servers in under a minute

A new denial-of-service (DoS) attack dubbed HTTP/2 Bomb can be launched from a single machine to take down web servers within seconds. The technique works on default HTTP/2 configurations of major web ...
The Verge

Microsoft is threatening legal action for disclosing exploits

The company is feuding with a security researcher publicly posting vulnerabilities. The company is feuding with a security researcher publicly posting vulnerabilities. is the Verge’s weekend editor.
Ars Technica

Google publishes exploit code threatening millions of Chromium users

Google on Wednesday published exploit code for an unfixed vulnerability in its Chromium browser codebase that threatens millions of people using Chrome, Microsoft Edge, and virtually all other ...
Forbes

Microsoft Confirms Active 0-Day Exploit—Check Emergency Mitigation

This voice experience is generated by AI. Learn more. This voice experience is generated by AI. Learn more. Microsoft confirms Exchange zero-day, CISA warns it's under active exploitation. Updated May ...
The Next Web

AI gave North Korean hackers a $600 million month. DeFi is still working out how to respond.

Two North Korea-linked hacks in April drained almost $600 million from DeFi protocols Drift Protocol ($285 million) and Kelp DAO ($292 million). Cybersecurity experts believe the attackers used AI to ...
CoinTelegraph

THORChain pauses trading after suspected $10M exploit

THORChain paused trading after ZachXBT flagged a suspected $10 million exploit spanning Bitcoin, Ethereum, BNB Chain and Base. Decentralized liquidity protocol THORChain halted trading after ...
TechSpot

A security researcher says Microsoft secretly built a backdoor into BitLocker, releases an exploit to prove it

The Epitome of WTF: A researcher known as "Nightmare-Eclipse" recently released YellowKey, a security vulnerability that allegedly enables a full bypass of BitLocker's full-volume encryption. The ...
Ars Technica

Zero-day exploit completely defeats default Windows 11 BitLocker protections

A zero-day exploit circulating online allows people with physical access to a Windows 11 system to bypass default BitLocker protections and gain complete access to an encrypted drive within seconds.
The New York Times

‘Life Hack’ Review: A Heist That Never Leaves the Screen

A group of teenagers seem to be targeting a cryptocurrency billionaire out of boredom, but they have a more sympathetic motive in this hacker film. By Chris Azzopardi When you purchase a ticket for an ...
CNET

Canvas Hack Aftermath: Congress Wants Instructure to Answer Questions

A hacker group stole data from more than 9,000 schools using an exploit in Instructure's service. Now the House Homeland Security Committee is getting involved. Tyler is a writer for CNET covering ...
The Next Web

Google found the first AI-generated zero-day exploit. It stopped the attack before it started.

Google identified the first zero-day exploit it believes was developed with AI and thwarted a planned mass exploitation event. The GTIG report documents state-sponsored actors from China, North Korea, ...
CNN

Data stolen in Canvas hack that hit thousands of schools has been returned, company says

Data stolen in a cyberattack that shut down an education platform used by universities and K-12 schools across the US last week has been returned to the platform’s parent company, Instructure, ...