Ivanti disclosed two critical vulnerabilities affecting its Endpoint Manager Mobile, which have already compromised several major organizations, including the Netherlands’ government and the European Commission. Researchers warn that attacks are spreading, with nearly 1,300 instances still exposed online. The vulnerabilities allow attackers to execute code remotely, raising concerns over ongoing exploitation.

Day Two of Pwn2Own Automotive 2026 featured intense competition among security researchers, resulting in 29 new exploits and $439,250 awarded. The event has now totaled 66 unique vulnerabilities and over $955,000 in prize money. Fuzzware.io leads the standings as the contest nears its final day.

AI models like Claude Sonnet 4.5 can now execute complex multi-stage attacks on networks using standard open-source tools, eliminating the need for custom toolkits. This advancement allows AIs to exploit known vulnerabilities quickly, emphasizing the urgent need for timely security updates.

The article discusses experiments using Opus 4.5 and GPT-5.2 to generate exploits for a zero-day vulnerability in QuickJS. It concludes that the future of offensive cybersecurity may rely on token throughput rather than the number of human hackers, as LLMs prove effective in exploit development.

The Akira ransomware group has generated over $244 million since its emergence in March 2023. They target businesses and critical infrastructure, using various tactics like exploiting vulnerabilities in SonicWall and Veeam, to encrypt files and extort victims. Recent attacks demonstrate their ability to bypass security measures and exfiltrate data quickly.

Google detected 75 zero-day exploits in 2024, highlighting an increase in attacks aimed at enterprise systems, particularly by state-sponsored hackers. The trend shows that while traditional user-targeted attacks remain, a significant portion of vulnerabilities are now focused on security infrastructure, with governments and commercial surveillance vendors being primary actors in these threats.

Generative AI models like OpenAI's GPT-4 are significantly accelerating the process of developing exploit code from vulnerability disclosures, capable of producing proof-of-concept exploits in just hours. This rapid evolution in exploit generation poses a heightened threat for cybersecurity, necessitating faster response times and more robust defensive strategies for enterprises.

Pwn2Own Berlin 2025 concluded with a total award of $1,078,750, surpassing the million-dollar mark. The STAR Labs SG team won the Master of Pwn title, earning $320,000, while various participants showcased their exploits across different platforms, including Windows 11 and NVIDIA technologies. Notably, 28 unique 0-day vulnerabilities were disclosed during the event.

Four critical vulnerabilities discovered at the Pwn2Own Berlin 2025 hacking competition have been patched in various VMware products, with hackers earning over $340,000 for their exploits. Broadcom, the parent company of VMware, confirmed that there is no evidence these flaws have been exploited in the wild.

Researchers have released proof-of-concept exploits for the CitrixBleed2 vulnerability (CVE-2025-5777) affecting Citrix NetScaler devices, which can allow attackers to steal user session tokens through malformed POST requests. Despite Citrix's claims that the flaw is not actively exploited, evidence from cybersecurity experts suggests that attacks have been occurring since mid-June. Organizations are urged to apply patches immediately to mitigate the risk.

CISA has issued a warning about a high-severity arbitrary code execution vulnerability in the Git version control system, tracked as CVE-2025-48384, which is being actively exploited by hackers. Federal agencies must apply patches by September 15th or take alternative security measures. Additionally, two Citrix Session Recording vulnerabilities have also been added to the Known Exploited Vulnerabilities catalog, with the same deadline for remediation.

Generative AI models, such as OpenAI's GPT-4, are enabling rapid development of exploit code from vulnerability disclosures, reducing the time from flaw announcement to proof-of-concept to mere hours. Security experts have observed a significant increase in the speed at which vulnerabilities are exploited, necessitating quicker responses from defenders in the cybersecurity landscape. This shift underscores the need for enterprises to be prepared for immediate action upon the release of new vulnerabilities.

Millions of Brother printers are affected by a critical vulnerability that allows attackers to generate default admin passwords. The flaw cannot be fully patched through firmware updates, prompting a need for manufacturers to change production processes. Other printer manufacturers are also impacted, highlighting widespread security risks.