Notícias

Weekly summary of Cybersecurity Insider newsletters The post Critical Vulnerabilities and Phishing Campaigns Dominate Cybersecurity Headlines appeared first on eSecurity Planet.

Pwn2Own participants disclosed a total of 76 vulnerabilities during the three-day event. The post Infotainment, EV Charger Exploits Earn Hackers $1M at Pwn2Own Automotive 2026 appeared first on SecurityWeek.

Pwn2Own Automotive 2026 has ended with security researchers earning $1,047,000 after exploiting 76 zero-day vulnerabilities between January 21 and January 23. [...]

AI-generated code can introduce subtle security flaws when teams over-trust automated output. Intruder shows how an AI-written honeypot introduced hidden vulnerabilities that were exploited in attacks. [...]

Security teams often spin up vulnerable applications for demos, training, or internal testing. A recent Pentera research report documents how those environments are being left exposed on the public internet and actively exploited. The research focuses on intentionally vulnerable apps such as OWASP Juice Shop, Damn Vulnerable Web Application, Hackazon, and similar projects. These tools are commonly deployed to teach secure coding, support product demonstrations, or give red and blue teams hands-on practice. According to … More → The post Exposed training apps are showing up in active cloud attacks appeared first on Help Net Security.

Hackers collect $439,250 after exploiting 29 zero-day vulnerabilities on the second day of Pwn2Own Automotive 2026. [...]

VulnCheck analysts found that vulnerabilities exploited before being publicly disclosed rose from 23.6% in 2024 to 28.96% in 2025

Security researchers uncovered 37 previously unknown vulnerabilities on the opening day of Pwn2Own Automotive 2026, earning a combined $516,500 in prize money, according to results released by Trend Micro's Zero Day Initiative. The Master of Pwn leaderboard (Source: Trend Micro) Successful demonstrations targeted in-vehicle infotainment systems and electric vehicle charging hardware, with several high-profile automotive brands affected. Infotainment platforms from Tesla, Sony, and Alpine were among the systems compromised during demonstrations. Researchers achieved code execution … More → The post Tesla, Sony, and Alpine systems compromised on day one of Pwn2Own Automotive 2026 appeared first on Help Net Security.

CERT Polska has received a report about 2 vulnerabilities (CVE-2025-67683 and CVE-2025-67684) found in Quick.Cart software.

Fixes were rolled out for over two dozen vulnerabilities, including critical- and high-severity bugs. The post Atlassian, GitLab, Zoom Release Security Patches appeared first on SecurityWeek.