Links
Ivanti disclosed two critical vulnerabilities affecting its Endpoint Manager Mobile, which have already been used to compromise several major organizations, including the Netherlands’ government and the European Commission. Researchers warn that attacks are spreading, with nearly 1,300 instances still exposed online. The vulnerabilities allow attackers to execute code remotely, raising concerns over ongoing exploitation.
Day Two of Pwn2Own Automotive 2026 featured intense competition among security researchers, resulting in 29 new exploits and $439,250 awarded. The event's running total now stands at 66 unique vulnerabilities and over $955,000 in prize money. Fuzzware.io leads the standings as the contest nears its final day.
Multiple critical flaws in the n8n open-source workflow platform allow authenticated users to execute arbitrary code on the server. Despite a fix being released, researchers found a bypass that could lead to complete control over n8n instances, exposing sensitive data and connected accounts. Users are urged to update to the latest version and review their workflows for security.
AI models like Claude Sonnet 4.5 can now execute complex multi-stage attacks on networks using standard open-source tools, eliminating the need for custom toolkits. This advancement allows AIs to exploit known vulnerabilities quickly, emphasizing the urgent need for timely security updates.
This article outlines a series of ten hands-on labs focused on Model Context Protocol (MCP) vulnerabilities, each based on real-world exploits. It provides both vulnerable and secure implementations, allowing users to reproduce attacks and understand mitigation strategies in a practical setting. Comprehensive instructions and proof captures accompany each challenge.
The article discusses experiments using Opus 4.5 and GPT-5.2 to generate exploits for a zero-day vulnerability in QuickJS. It concludes that the future of offensive cybersecurity may rely on token throughput rather than the number of human hackers, as LLMs prove effective in exploit development.
The first day of Pwn2Own Automotive 2026 featured 30 entries targeting various automotive systems, resulting in $516,500 awarded for 37 unique 0-days. Notable successes included Fuzzware.io and Team DDOS, while several teams failed to complete their exploits in time.
Vulnerabilities in a Bluetooth chipset used in 29 audio devices from various vendors can be exploited for eavesdropping and information theft. Researchers disclosed three flaws that allow attackers to hijack connections, initiate calls, and potentially access call history and contacts, although attacks require technical expertise and close physical proximity. Device manufacturers are working on patches, but many affected devices have not yet received updates.
Pwn2Own Berlin 2025 concluded with a total award of $1,078,750, surpassing the million-dollar mark. The STAR Labs SG team won the Master of Pwn title, earning $320,000, while various participants showcased their exploits across different platforms, including Windows 11 and NVIDIA technologies. Notably, 28 unique 0-day vulnerabilities were disclosed during the event.
Four critical vulnerabilities discovered at the Pwn2Own Berlin 2025 hacking competition have been patched in various VMware products, with hackers earning over $340,000 for their exploits. Broadcom, the parent company of VMware, confirmed that there is no evidence these flaws have been exploited in the wild.
Qualcomm has issued security patches for three zero-day vulnerabilities in the Adreno GPU driver, which are being actively exploited in targeted attacks. The vulnerabilities include two critical flaws related to memory corruption and a high-severity use-after-free issue, with updates provided to OEMs to address these risks. Additionally, Qualcomm has addressed other security flaws in its systems that could allow unauthorized access to sensitive user information.
The article discusses the vulnerabilities associated with cross-site WebSocket hijacking and the potential exploits that could arise in 2025. It highlights the risks of unauthorized access and the importance of implementing security measures to mitigate these threats in web applications.
Generative AI models, such as OpenAI's GPT-4, are enabling rapid development of exploit code from vulnerability disclosures, reducing the time from flaw announcement to proof-of-concept to mere hours. Security experts have observed a significant increase in the speed at which vulnerabilities are exploited, necessitating quicker responses from defenders in the cybersecurity landscape. This shift underscores the need for enterprises to be prepared for immediate action upon the release of new vulnerabilities.
A repository has been created to preserve exploit data from the now-defunct 0day.today, which previously hosted a vast collection of proof-of-concept (PoC) exploits for various vulnerabilities. The effort aims to maintain access to historical information crucial for security research and analysis, especially for vulnerabilities poorly documented elsewhere. The repository includes an organized archive with categorized entries for easier access and understanding.
The Model Context Protocol (MCP) is an emerging standard for connecting large language models to external tools, but it presents significant security vulnerabilities such as prompt injection and orchestration exploits. These vulnerabilities can lead to data exfiltration and system compromise, highlighting the need for robust security precautions and detection methods. The article discusses various attack techniques and provides examples of potential exploits along with recommended defenses.