HN43 - Dutch Police Take Down Major Information Stealers: Redline & Meta Stealer
Exploit Brokers By Forgebound Research - Tech and Hacking News Commentary
Release Date: 10/31/2024
This week on Hacking News, we're covering five stories that all share one theme: the things we trust most are the things being targeted. Cisco disclosed two CVSS 10.0 vulnerabilities in their Secure Firewall Management Center — the centralized brain that manages entire firewall fleets — giving unauthenticated attackers root access. Pakistan-linked APT36 has turned AI coding tools into a malware assembly line, flooding Indian government networks with disposable "vibeware" variants in a strategy Bitdefender calls "Distributed Denial of Detection." Google dropped the largest Android security...
Two perfect CVSS 10.0 scores in one news cycle. A state-sponsored actor living inside Cisco's SD-WAN platform since 2023. A brand-new lateral movement technique called "Ghost NICs" that leaves no forensic trace. An AI chatbot jailbroken to steal 195 million government records. A North Korean hacking group bridging air-gapped networks with USB drives and an embedded Ruby runtime. And a phishing platform so sophisticated it makes your multi-factor authentication functionally useless. This is Hacking News Episode 64 from Exploit Brokers by Forgebound Research. Five stories, multiple nation-state...
AI is reshaping both sides of the cybersecurity battlefield — and fast. In this episode, we break down five stories that prove it: the first Chrome zero-day of 2026 (CVE-2026-2441), a near-perfect CVSS 9.9 in Microsoft's Semantic Kernel SDK (CVE-2026-26030), a supply chain attack on AI coding assistant Cline that silently installed autonomous agents on thousands of developer machines, the first-ever Android malware using Google's Gemini AI at runtime (PromptSpy), and a Russian-speaking threat actor who used commercial AI tools to breach over 600 FortiGate firewalls across 55 countries in...
Microsoft just dropped patches for SIX actively exploited zero-day vulnerabilities — and that's just the beginning. In this week's Hacking News, we break down the February 2026 Patch Tuesday emergency, North Korea's Lazarus Group poisoning npm and PyPI through fake job recruiters, nation-state hackers weaponizing Google's Gemini AI (including malware that writes its own payloads), a massive Dutch telecom breach affecting 6.2 million people, and a U.S. government contractor breach that ballooned from 4 million to potentially tens of millions affected. This is Exploit Brokers by Forgebound...
A newly uncovered state-backed espionage group has compromised 70 organizations across 37 countries in a single year — and they were scanning infrastructure in 155 more. In this episode of Hacking News, we break down Palo Alto Unit 42's Shadow Campaigns investigation, a CVSS 9.9 pre-authentication RCE in BeyondTrust's remote access tools, a state-sponsored Signal phishing campaign targeting European politicians and military officials without using a single line of malware, CISA's aggressive new directive ordering federal agencies to rip out end-of-life edge devices, and an Everest ransomware...
Microsoft just dropped an emergency patch for an Office zero-day being exploited in the wild. A WordPress plugin has a CVSS 10.0 vulnerability — that's the golden goose of hacking. 900,000 Chrome users had their ChatGPT conversations stolen by malicious extensions with Google's Featured badge. And two cybersecurity professionals pleaded guilty to moonlighting as ransomware affiliates. Welcome to 2026. It's gonna be a fun year. In this episode: CVE-2026-21509: Microsoft Office zero-day (security feature bypass) CVE-2026-23550: WordPress Modular DS critical vulnerability Prompt Poaching:...
Exploit Brokers is back—under a new banner. In this episode, I explain why the show went quiet, what Forgebound Research means, and how the podcast is evolving. We're shifting to a hybrid model: some episodes will be news commentary with technical insight, others will be lab-driven deep dives where I actually pull apart the malware or the vulnerable code. Beyond the podcast, I'm launching The Forgebound Lab on YouTube—security research, hardware teardowns, creative engineering, maker builds, and learning in public. Same host. Same mission. New chapter. Welcome to Forgebound Research....
HN59 - Microsoft AI Discovers 20 Zero-Day Vulnerabilities in Bootloaders! 🔍 Microsoft’s AI Uncovers 20 Zero-Day Threats | CoffeeLoader Malware Gets Smarter. In this episode of Exploit Brokers, Cipherceval dives into how Microsoft Security Copilot, powered by AI, discovered over 20 previously unknown vulnerabilities in popular bootloaders like GRUB2, U-Boot, and Barebox. These flaws could allow attackers to bypass Secure Boot and install stealthy bootkits. We also explore the terrifying evolution of CoffeeLoader malware — now equipped with GPU-based cloaking,...
Welcome to Exploit Brokers with your host Cipherceval! In this deep dive, we uncover a sophisticated cyber assault where hackers exploited Microsoft SharePoint to launch the Havoc C2 via a stealthy click fix attack. Learn how a single click can trigger malicious PowerShell commands, turning everyday corporate tools into gateways for cybercrime. In this episode, we explore: • How click fix attacks trick users into executing harmful commands • The role of social engineering in modern cyber warfare • The rising threat of ransomware targeting Middle Eastern banks and financial institutions...
In this episode of Exploit Brokers, we dive into the dark world of cybercrime, exploring two alarming topics: a malicious Android loan app masquerading as a financial tool and Xerox printer vulnerabilities that could be leaking your credentials. Learn how loan sharks have moved from traditional methods to sophisticated digital predation, exploiting unsuspecting users via apps like SpyLoan. We break down how these apps bypass Google Play's protections, steal sensitive data, and push predatory lending practices, especially targeting vulnerable users. Additionally, we uncover how attackers are...