Aggregator

A proof-of-concept (PoC) exploit dubbed BlueHammer has been publicly released by security researcher Nightmare Eclipse (also known as Chaotic Eclipse), targeting a zero-day local privilege escalation (LPE) vulnerability in Microsoft Windows Defender’s signature update mechanism. The release, confirmed functional by principal vulnerability analyst Will Dormann of Tharros, underscores a growing frustration with Microsoft’s Security Response […]

The post BlueHammer PoC for Windows Defender Exploited by Researchers to Escalate Privileges appeared first on Cyber Security News.

You must login to view this content

Threat actors are actively exploiting a maximum-severity remote code execution (RCE) vulnerability in Flowise, an open-source platform used for building AI agents and customized large language model workflows. The critical flaw, tracked as CVE-2025-59528 with a CVSS score of 10.0, allows attackers to execute arbitrary JavaScript code and achieve full system compromise. Threat intelligence telemetry […]

The post Flowise AI Agent Builder Injection Vulnerability Exploited in Attacks, 15,000+ Instances Exposed appeared first on Cyber Security News.

A phishing campaign that bypasses the standard 15-minute expiration window through automation and dynamic code generation, leveraging the OAuth Device Code Authentication flow to compromise organizational accounts at scale, has been observed by the Microsoft Defender Security Research team. The campaign uses AI-assisted infrastructure and end-to-end automation. Attack overview Device Code Authentication is a legitimate OAuth flow designed for devices that cannot support a standard interactive login. In this model, a code is presented on … More →

The post AI-enabled device code phishing campaign exploits OAuth flow for account takeover appeared first on Help Net Security.