Daily Cybersecurity News Source
Wednesday, May 27, 2026
Top Stories
AI Model Finds 10,000 Zero-Days, Overwhelms Open-Source Maintainers
Pinned · Top Story

AI Model Finds 10,000 Zero-Days, Overwhelms Open-Source Maintainers

Anthropic has revealed the staggering initial results of Project Glasswing, a collaborative cybersecurity initiative designed to secure critical infrastructure using advanced AI before malicious actors can exploit it. In its first month, the project leveraged…

Taylor Singh May 23, 2026
Read full story →
More Stories
LiteLLM Privilege Bugs Let Attackers Forge Admin Keys, Expose AI Credentials
Cybersecurity
LiteLLM prior to 1.83.14 allows an authenticated internal_user to create API keys with access to routes that their role does not permit. Whe…
Hackers Exploit F5 Appliance, Chain Linux Tools to Seize Domain Control
Cybersecurity
A multi-stage intrusion attack where a threat actor exploited an internet-facing F5 BIG-IP edge appliance as the entry point for a widesprea…
WordPress Form Notify Plugin Flaw Lets Attackers Hijack Admin Accounts
Cybersecurity
The Form Notify plugin for WordPress is vulnerable to Authentication Bypass in versions up to and including 1.1.10. This is due to the plugi…
SQL Injection Flaw in Netatalk Exposes Mac File Servers to Data Theft
Cybersecurity
An SQL injection vulnerability in the MySQL CNID backend in Netatalk 3.1.0 through 4.4.2 allows a remote authenticated attacker to obtain un…
Ubiquiti Patches Five Critical UniFi Flaws Rated CVSS 10.0
Cybersecurity
A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi OS devices to make unauth…
Critical BookingPress Flaw Lets Attackers Hijack WordPress Sites Without Login
Cybersecurity
The BookingPress Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'bookingpress_v…
Critical Turborepo Flaw Lets Attackers Execute Code via Malicious Dependencies
Cybersecurity
Turborepo is a high-performance build system for JavaScript and TypeScript codebases. From 1.1.0 to before 2.9.14, Turborepo can be vulnerab…
Critical Netatalk Flaw Threatens Millions of NAS Devices Worldwide
Cybersecurity
A heap-based buffer overflow in the CNID daemon comm_rcv() function in Netatalk 2.0.0 through 4.4.2 allows a remote authenticated attacker t…