With the rise of AI coding assistants continuing apparently unabated, some project maintainers have begun striking back. Ars Technica reports on projects putting hostile directions into the AGENTS.md file, or …read more

The Cybersecurity & Infrastructure Security Agency (CISA) was one of the few genuinely good things Donald Trump was talked into doing during his first term. It was an agency within the Department of Homeland Security that was focused on coordination between the government and industry when there were larger cybersecurity threats that needed coordination to […]

Google’s Project Zero demonstrates a new zero-click exploit for the Pixel 10 phones, showing a full escalation from remote to kernel without user interaction. During the investigation Project Zero found …read more

After the CopyFail vulnerability gave root access from any user on almost all distributions last week, this week we’ve got DirtyFrag. This chains the vulnerability in CopyFail (xfrm-ESP) and a …read more

Rowhammer attacks have been around since 2014, and mitigations are in place in most modern systems, but the team at gddr6.fail has found ways to apply the attack to current-generation GPUs. …read more