Critical, make-me-super-user SAP S/4HANA bug under active exploitation Summary A critical code-injection vulnerability in SAP S/4HANA (CVE-2025-42957) rated 9.9 is being actively exploited in the wild. Originally disclosed by SecurityBridge…
The crazy, true story behind the first AI-powered ransomware Summary A New York University research team built a proof-of-concept AI system — dubbed Ransomware 3.0 — that can carry out…
Shell to pay: Crims invade your PC with CastleRAT malware, now in C and Python Summary Researchers at Recorded Future have discovered two builds of CastleRAT — one written in…
Boffins Build Automated Android Bug Hunting System Summary Researchers at Nanjing University and the University of Sydney have built A2, an AI-powered agent that both discovers vulnerabilities in Android apps…
Scammers Are Using Grok to Spread Malicious Links on X Summary Bad actors are exploiting X’s native AI assistant, Grok, to amplify malicious links from promoted video posts. Attackers hide…
Proof-of-Concept in 15 Minutes? AI Turbocharges Exploitation Summary An Israeli duo of independent security researchers built an LLM-powered offensive research pipeline, dubbed Auto Exploit, that generated proof-of-concept (PoC) exploits for…
Anyone Using Agentic AI Needs to Understand Toxic Flows Summary This Dark Reading piece explains why organisations deploying agentic (autonomous) AI must recognise and mitigate “toxic flows” — hazardous interactions…
Secretive MaaS Group ‘TAG-150’ Develops Novel ‘CastleRAT’ Summary Researchers have uncovered a stealthy malware-as-a-service (MaaS) operation tracked as TAG-150 that is distributing a loader (CastleLoader) and a custom remote access…
Critical SAP S/4HANA Vulnerability Under Attack, Patch Now Summary A critical code-injection vulnerability in SAP S/4HANA (CVE-2025-42957) — rated CVSS 9.9 — is being exploited in the wild. The flaw…
Critical, make-me-super-user SAP S/4HANA bug under active exploitation Summary A critical code-injection vulnerability in SAP S/4HANA (CVE-2025-42957) rated 9.9 is being actively exploited. SecurityBridge Threat Research Labs reported observed abuse…
