SecurityTicks - Security Ticks

Pre-Stuxnet Fast16 Malware Tampered with Nuclear Weapons Simulations

Pre-Stuxnet Fast16 Malware Tampered with Nuclear Weapons Simulations 2026-05-18 at 12:08 By A new analysis of the Lua-based fast16 malware has confirmed that it was a cyber sabotage tool designed to tamper with nuclear weapons testing simulations. According to Broadcom-owned Symantec and Carbon Black teams, the pre-Stuxnet tool was engineered to corrupt uranium-compression simulations that […]

Pre-Stuxnet Fast16 Malware Tampered with Nuclear Weapons Simulations Read More »

Exploitation of Critical NGINX Vulnerability Begins

exploited, Nginx, Vulnerabilities, vulnerability / SecurityTicks

Exploitation of Critical NGINX Vulnerability Begins 2026-05-18 at 10:34 By Ionut Arghire The flaw leads to denial-of-service on default configurations and to remote code execution if ASLR is disabled. The post Exploitation of Critical NGINX Vulnerability Begins appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Exploitation of Critical NGINX Vulnerability Begins Read More »

The AI backdoor your security stack is not built to see

AI, backdoor, cybersecurity, Don't miss, enterprise, Features, LLMs, Microsoft, News, research / SecurityTicks

The AI backdoor your security stack is not built to see 2026-05-18 at 09:42 By Sinisa Markovic Enterprises deploying LLMs have spent the past two years building defenses around a reasonable assumption: malicious behavior leaves a trace in the input. Scan for suspicious tokens, filter unusual characters, watch for prompt injection patterns. New research from

The AI backdoor your security stack is not built to see Read More »

AI shrinks vulnerability exploitation window to hours

agentic AI, AI, cybersecurity, News, report, security testing, Synack, threats, vulnerability management / SecurityTicks

AI shrinks vulnerability exploitation window to hours 2026-05-18 at 09:42 By Anamarija Pogorelec Time has become organizations’ biggest vulnerability because the gap between vulnerability discovery and exploitation has narrowed to hours, according to Synack’s 2026 State of Vulnerabilities Report. Total vulnerabilities by severity (2022-2025) (Source: Synack) AI expands the attack surface Agentic AI systems that

AI shrinks vulnerability exploitation window to hours Read More »

Lyrie: Open-source autonomous pentesting agent

agentic AI, AI, Don't miss, GitHub, News, open source, penetration testing, software / SecurityTicks

Lyrie: Open-source autonomous pentesting agent 2026-05-18 at 09:42 By Sinisa Markovic Penetration testing has usually required weeks of manual work, specialized tooling, and teams with narrow skill sets. Lyrie, an open-source autonomous security agent built by OTT Cybersecurity, compresses that process into a command line tool and publishes the entire codebase. The project reached version

Lyrie: Open-source autonomous pentesting agent Read More »

Product showcase: McAfee + ChatGPT integration turns doubt into a scam check

ChatGPT, McAfee, News, OpenAI, Product showcase, scams / SecurityTicks

Product showcase: McAfee + ChatGPT integration turns doubt into a scam check 2026-05-18 at 08:02 By Anamarija Pogorelec McAfee + ChatGPT integration brings real-time scam detection in conversations and gives users an easier way to verify suspicious content before clicking or responding. It is available to anyone, without requiring a McAfee or ChatGPT subscription. It

Product showcase: McAfee + ChatGPT integration turns doubt into a scam check Read More »

Hackers Earn $1.3 Million at Pwn2Own Berlin 2026

Artificial Intelligence, exploit, Featured, hacking contest, Pwn2Own, Pwn2Own Berlin, Vulnerabilities / SecurityTicks

Hackers Earn $1.3 Million at Pwn2Own Berlin 2026 2026-05-18 at 08:02 By Eduard Kovacs Participants demonstrated exploits for Windows, Linux, VMware, Nvidia, and AI products. The post Hackers Earn $1.3 Million at Pwn2Own Berlin 2026 appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Hackers Earn $1.3 Million at Pwn2Own Berlin 2026 Read More »

When ransomware hits, confidence doesn’t restore endpoints

Absolute Security, boardroom, CISO, Endpoint Security, News, Ransomware, resilience, UK, USA / SecurityTicks

When ransomware hits, confidence doesn’t restore endpoints 2026-05-18 at 07:03 By Anamarija Pogorelec Ransomware, supply chain vulnerabilities, insider threats, compliance failures, and software disruptions remain major concerns for security leaders, according to The Ransomware Reality: Zero Days to Recover report by Absolute Security. How CISOs currently ensure endpoint resilience against ransomware (overall, %) (Source: Absolute

When ransomware hits, confidence doesn’t restore endpoints Read More »

Debian 13.5 point release lands with security fixes, bug patches

Debian, Linux, News, operating system, security update / SecurityTicks

Debian 13.5 point release lands with security fixes, bug patches 2026-05-18 at 01:03 By Anamarija Pogorelec Debian 13.5 is the fifth point release for the stable distribution “trixie.” The update folds in roughly 100 Debian Security Advisories and corrections for more than 130 source packages, covering everything from the Linux kernel and Apache HTTP Server

Debian 13.5 point release lands with security fixes, bug patches Read More »

NGINX CVE-2026-42945 Exploited in the Wild, Causing Worker Crashes and Possible RCE

Uncategorized / SecurityTicks

NGINX CVE-2026-42945 Exploited in the Wild, Causing Worker Crashes and Possible RCE 2026-05-17 at 18:32 By A newly disclosed security flaw impacting NGINX Plus and NGINX Open has come under active exploitation in the wild, days after its public disclosure, according to VulnCheck. The vulnerability, tracked as CVE-2026-42945 (CVSS score: 9.2), is a heap buffer

NGINX CVE-2026-42945 Exploited in the Wild, Causing Worker Crashes and Possible RCE Read More »

AI advances are breaking into the physical world – and robots will soon learn how to do your washing and ironing

Uncategorized / SecurityTicks

AI advances are breaking into the physical world – and robots will soon learn how to do your washing and ironing 2026-05-17 at 16:09 By Michael Kaplan A tech VC said, physical AI is “the challenge of figuring out how to reinvent the physical world. It’s a big challenge.” In describing Project Prometheus, he added,

AI advances are breaking into the physical world – and robots will soon learn how to do your washing and ironing Read More »

Week in review: Cisco patches SD-WAN 0-day, unpatched Microsoft Exchange Server flaw exploited

News, Week in review / SecurityTicks

Week in review: Cisco patches SD-WAN 0-day, unpatched Microsoft Exchange Server flaw exploited 2026-05-17 at 14:40 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Review: Foundations of Cybersecurity, 2nd edition Jason Andress has refreshed his introductory security text for No Starch Press. He writes

Week in review: Cisco patches SD-WAN 0-day, unpatched Microsoft Exchange Server flaw exploited Read More »

Grafana GitHub Token Breach Led to Codebase Download and Extortion Attempt

Uncategorized / SecurityTicks

Grafana GitHub Token Breach Led to Codebase Download and Extortion Attempt 2026-05-17 at 14:39 By Grafana has disclosed that an “unauthorized party” obtained a token that granted them the ability to access the company’s GitHub environment and download its codebase. “Our investigation has determined that no customer data or personal information was accessed during this

Grafana GitHub Token Breach Led to Codebase Download and Extortion Attempt Read More »

Funnel Builder Flaw Under Active Exploitation Enables WooCommerce Checkout Skimming

Uncategorized / SecurityTicks

Funnel Builder Flaw Under Active Exploitation Enables WooCommerce Checkout Skimming 2026-05-16 at 19:49 By A critical security vulnerability impacting the Funnel Builder plugin for WordPress has come under active exploitation in the wild to inject malicious JavaScript code into WooCommerce checkout pages with the goal of stealing payment data. Details of the activity were published

Funnel Builder Flaw Under Active Exploitation Enables WooCommerce Checkout Skimming Read More »

Fast16: Pre-Stuxnet Sabotage Tool Was Built to Subvert Nuclear Weapons Simulations

Uncategorized / SecurityTicks

Fast16: Pre-Stuxnet Sabotage Tool Was Built to Subvert Nuclear Weapons Simulations 2026-05-16 at 17:33 By Threat Hunter Team New analysis confirms the targeted applications and reveals fast16 was tailored to corrupt uranium-compression simulations central to nuclear weapon design. This article is an excerpt from SECURITY.COM View Original Source

Fast16: Pre-Stuxnet Sabotage Tool Was Built to Subvert Nuclear Weapons Simulations Read More »

AI influencer salaries revealed, with one making $9k-a-month — but which has he most personality?

Uncategorized / SecurityTicks

AI influencer salaries revealed, with one making $9k-a-month — but which has he most personality? 2026-05-16 at 14:44 By Jeanette Settembre “It’s a new category of creators and their ability to monetize in unique ways,” ex celebrity manager Clarissa Mansbridge told The Post. This article is an excerpt from Latest Technology News | New York

AI influencer salaries revealed, with one making $9k-a-month — but which has he most personality? Read More »

PoC Code Published for Critical NGINX Vulnerability

exploit, Nginx, PoC, Vulnerabilities, vulnerability / SecurityTicks

PoC Code Published for Critical NGINX Vulnerability 2026-05-16 at 14:43 By Ionut Arghire Introduced in 2008, the critical-severity security defect was patched this week in NGINX Plus and NGINX open source. The post PoC Code Published for Critical NGINX Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

PoC Code Published for Critical NGINX Vulnerability Read More »

Elon Musk’s SpaceX accelerates timeline for blockbuster Nasdaq IPO

Uncategorized / SecurityTicks

Elon Musk’s SpaceX accelerates timeline for blockbuster Nasdaq IPO 2026-05-15 at 23:47 By Reuters The accelerated schedule pulls forward a process that had originally been planned for around late June, around Elon Musk’s birthday. This article is an excerpt from Latest Technology News | New York Post View Original Source

Elon Musk’s SpaceX accelerates timeline for blockbuster Nasdaq IPO Read More »

Did Iran Hack Tank Readers at US Gas Stations? Security Leaders Discuss

Uncategorized / SecurityTicks

Did Iran Hack Tank Readers at US Gas Stations? Security Leaders Discuss 2026-05-15 at 23:08 By Security leaders share their thoughts on the attack, Iran’s potential involvement and the broader implications. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source

Did Iran Hack Tank Readers at US Gas Stations? Security Leaders Discuss Read More »

Why Most Workplace Violence Prevention Starts Too Late

Uncategorized / SecurityTicks

Why Most Workplace Violence Prevention Starts Too Late 2026-05-15 at 20:32 By If your people are running, hiding, or fighting, the prevention window has already closed. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source

Why Most Workplace Violence Prevention Starts Too Late Read More »