Windows Vulnerability Research

Needles at Scale: LLM-Assisted Target Selection for Windows Vulnerability Research

Announce Type: new Abstract: The attack surface of a modern operating system is a haystack: thousands of signed binaries and millions of functions, almost none relevant to any given vulnerability. A human analyst or an LLM agent must pick the function worth reading before analyzing it. At whole-OS scope, this target selection, not the analysis, is the binding constraint.

Microsoft reaches for olive branch after public dustup with 0-day researcher

Microsoft has moved to calm an increasingly noisy backlash from the security community after appearing to threaten legal action against a researcher who spent the past several weeks dumping Windows zero-days onto the internet. In a statement published on Monday, Redmond said it has "no intention to pursue action against individuals conducting or publishing security research”, a noticeably softer position than the one it adopted just days earlier when it condemned a string of public...

No fix yet for critical RCE bug in open-source Git service Gogs - exploit module is out

Title: No fix yet for critical RCE bug in open-source Git service Gogs - exploit module is out There's a huge hole and no one is patching it thus far. A critical, remote code execution (RCE) bug in Gogs, a popular open-source self-hosted Git service, can be exploited by any authenticated user - no special privileges required - on a default installation to fully compromise vulnerable servers, steal credentials and multi-factor authentication secrets, or even modify code in hosted repositories in a wide-reaching supply-chain attack. A security researcher reported the 9.4-rated flaw to project maintainers in mid-March. It still doesn’t have a patch. It does, however, have a public Metasploit module - so we’d expect reports of in-the-wild exploitation to start very soon. The vulnerability affects all supported platforms, including Windows, Linux, and macOS, and installation methods, according to Rapid7 researcher Jonah Burgess, who found and reported the bug to Gogs maintainers via GitHub (GHSA-qf6p-p7ww-cwr9) on March 17. After they initially acknowledged that they received the report on March 28, Burgess says he never heard back from the Gogs team - not when he asked

Disgruntled 0-day hunter 'humiliated' by Microsoft pledges 'bone shattering drop' as Redmond calls cops

Researchers show how AI-powered worms could wreak havoc on the internet

Researchers show how AI-powered worms could wreak havoc on the internet The new threat can tailor its attack and learn new strategies with each machine infected. We've seen how AI can be used to find flaws in apps and websites, but researchers have now demonstrated how it could be weaponized to exploit those vulnerabilities.

AI is making Patch Tuesday (kinda) fun again

Microsoft set a record with its June Patch Tuesday release, addressing 206 CVEs across its products and shipping fixes for them, with 38 deemed critical and the rest important. Three are listed as publicly known, but none (so far) have been exploited in the wild. We have no idea how many of these June bugs were uncovered using AI tools.

How India’s CBSE exam scandal set off student outrage against PM Modi

How India’s CBSE exam scandal set off student outrage against PM Modi India’s largest school board has been mired in controversies, prompting calls for Modi’s education minister to step down. Some students are leading the fight. New Delhi, India – Nandini Singh had been waiting for weeks for her high school examination results, her scores in different subjects being the pathway to the colleges of her choice.

Nobody needs Mythos or 0-days to build a chaos-causing computer worm – free open source models work just fine

There's a lot of fear surrounding the bug-finding capabilities of super-advanced AI models like Anthropic's Mythos and OpenAI's GPT 5.5-Cyber. But attackers are already using free, publicly available LLMs to hijack networks and worm through software supply chains at a much lower cost – to them at least. The latest example comes from University of Toronto researchers, who used an unnamed, publicly available open-weight model released in 2025 to develop a computer worm that they claim spread...

Websites Can Now Spy on You Through Your Hard Drive

Over the decades, there has been no shortage of sites using clever techniques to covertly track visitors’ browsing histories, device fingerprints, and keystrokes and mouse movements in real time. Even Meta and Yandex were recently caught joining in the privacy-invasive free-for-all. Now sites have a new way to spy on their visitors: by measuring subtle interactions with their solid-state drives.

AI helped researchers bypass Apple M5 defenses

Apple devices have earned a reputation for being tough to break into. That comes from Apple's tight control over the hardware, software and many of the protections standing between you and an attacker. However, a new claim from security startup Calif shows how quickly the cybersecurity world may be changing.