Apple on Monday released security updates for iOS, macOS, and the Safari web browser to address over three dozen flaws, including four vulnerabilities in WebKit that were discovered using artificial intelligence (AI) tools like Anthropic Claude and OpenAI Codex Security.
The WebKit vulnerabilities are listed below –
CVE-2026-43707 – A memory corruption issue that could result in an
The Hacker News – Read More
Quantifind will accelerate international expansion and extend its platform’s localized risk intelligence capabilities.
The post Quantifind Raises $200 Million for AI-Native Risk Intelligence appeared first on SecurityWeek.
SecurityWeek – Read More
A critical security flaw impacting Oracle E-Business Suite has come under active exploitation in the wild, according to Defused Cyber.
The vulnerability, tracked as CVE-2026-46817 (CVSS score: 9.8), refers to an improper privilege management and authentication flaw in Oracle Payments that could be abused to take over susceptible instances.
“Easily exploitable vulnerability allows
The Hacker News – Read More
CISA has published an advisory to inform organizations about three vulnerabilities found by a researcher in Daktronics controllers.
The post New Controller Flaws Expose Highway Signs and Billboards to Remote Hacking appeared first on SecurityWeek.
SecurityWeek – Read More
One critical vulnerability, among many discovered by a researcher, could have allowed anyone to walk in and take over a national government portal.
darkreading – Read More
The infostealer was delivered via CVE-2026-48558, a critical authentication bypass vulnerability in SimpleHelp, targeting credentials linking development and admin environments to wider enterprise systems.
darkreading – Read More
Researchers spotted 212 new domains registered after Venezuela’s earthquake, warning donors of donation scam risks and urging them to verify relief sites first.
Hackread – Cybersecurity News, Data Breaches, AI and More – Read More
Hundreds of contractors working on a project for Meta pretended to be kids in order to see how other chatbots like Gemini and ChatGPT would respond to high-risk subjects, WIRED found.
Security Latest – Read More
Microsoft has found a malicious Chrome extension that posed as the AI search engine Perplexity and quietly logged what people searched for. It routed every query and every character typed into the address bar through an attacker-controlled server before redirecting users to real results.
Microsoft says Google removed it from the store after responsible disclosure. The extension was called ”
The Hacker News – Read More
Nation-state attackers breach water systems through weak passwords, exposed PLCs, and poor segmentation — not sophisticated malware.
darkreading – Read More