Author: Dustin Childs

If you just want to read the rules, click here.  Now entering its third year, Pwn2Own Automotive returns to Automotive World in Tokyo on January 21 – 23, 2026. Over the last two years, we’ve awarded more than $2,000,000 for the latest in automotive exploitations, and this year looks to be even better. As always, … Read More “Pwn2Own Automotive Returns to Tokyo with Expanded Chargers and More!  – Zero Day Initiative – Blog” »

Cybersecurity researchers have disclosed details of a new campaign that exploited a recently disclosed security flaw impacting Cisco IOS Software and IOS XE Software to deploy Linux rootkits on older, unprotected systems. The activity, codenamed Operation Zero Disco by Trend Micro, involves the weaponization of CVE-2025-20352 (CVSS score: 7.7), a stack overflow vulnerability in the … Read More “Hackers Deploy Linux Rootkits via Cisco SNMP Flaw in “Zero Disco’ Attacks  – The Hacker News” »

Scaling the SOC with AI – Why now?  Security Operations Centers (SOCs) are under unprecedented pressure. According to SACR’s AI-SOC Market Landscape 2025, the average organization now faces around 960 alerts per day, while large enterprises manage more than 3,000 alerts daily from an average of 28 different tools. Nearly 40% of those alerts go … Read More “Architectures, Risks, and Adoption: How to Assess and Choose the Right AI-SOC Platform  – The Hacker News” »

The Cofense Phishing Defense Centre warns of a new tech support scam using Microsoft’s brand to lock browsers and steal data. Learn how the attack uses fake ‘payment lures’ and urgent security alerts to trick victims into calling a fraudulent support number.  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & … Read More “New Tech Support Scam Uses Microsoft Logo to Fake Browser Lock, Steal Data  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto” »

Penetration testing helps organizations ensure IT systems are secure, but it should never be treated in a one-size-fits-all approach. Traditional approaches can be rigid and cost your organization time and money – while producing inferior results.  The benefits of pen testing are clear. By empowering “white hat” hackers to attempt to breach your system using … Read More “Beware the Hidden Costs of Pen Testing  – The Hacker News” »

Every day, billions of people place their trust in websites they know little about. Behind each one is a hosting provider, but not all of them play by the same rules.  Traditionally, privacy policies let web visitors understand how their data would be handled, and SSL (Secure Sockets Layer) certificates ensured their connection was encrypted. … Read More “Why the web-hosting industry needs a trust seal  – CyberScoop” »

The online world is changing fast. Every week, new scams, hacks, and tricks show how easy it’s become to turn everyday technology into a weapon. Tools made to help us work, connect, and stay safe are now being used to steal, spy, and deceive. Hackers don’t always break systems anymore — they use them. They … Read More “ThreatsDay Bulletin: $15B Crypto Bust, Satellite Spying, Billion-Dollar Smishing, Android RATs & More  – The Hacker News” »

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting Adobe Experience Manager to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability in question is CVE-2025-54253 (CVSS score: 10.0), a maximum-severity misconfiguration bug that could result in arbitrary code execution.  – Read More  … Read More “CISA Flags Adobe AEM Flaw with Perfect 10.0 Score — Already Under Active Attack  – The Hacker News” »