First known AI-powered ransomware uncovered by ESET Research

From welivesecurity.com

(made with openart)

ESET researchers have discovered what they called “the first known AI-powered ransomware”. The malware, which ESET has named PromptLock, has the ability to exfiltrate, encrypt and possibly even destroy data, though this last functionality appears not to have been implemented in the malware yet.

While PromptLock was not spotted in actual attacks and is instead thought to be a proof-of-concept (PoC) or a work in progress, ESET’s discovery shows how malicious use of publicly-available AI tools could supercharge ransomware and other pervasive cyberthreats.

Read more…

FBI seized multiple piracy sites distributing pirated video games

From securityaffairs.com

FBI seizes multiple piracy sites for Nintendo Switch and PlayStation 4 games, dismantling their infrastructure.

The FBI, with the help of the Dutch FIOD, seized multiple piracy sites distributing pirated video games, including nsw2u.com, ps4pkg.com, and mgnetu.com, dismantling their infrastructure. These sites, active for over four years, offered early access to popular game titles and logged 3.2 million downloads between February and May 2025, causing an estimated $170 million in losses.

Read more…

13-year-old hacks Microsoft Teams, rewrites rules for global security program

From interestingengineering.com

Dylan has filed over 20 vulnerabilities, earned a top-three finish at Zero Day Quest, and changed Microsoft’s security policy.

Bug bounty programs attract some of the most skilled engineers in cybersecurity. These are professionals who find their way through enterprise-level software in search of vulnerabilities for recognition, impact, or high payouts.

Photo by Clint Patterson on Unsplash

But Dylan, a high school junior, entered that world at just 13. His first major find, a critical Microsoft Teams vulnerability, didn’t just earn him accolades. It led Microsoft to rewrite the rules of its bug bounty program to allow teenage researchers.

Read more…

chwoot: Critical Linux vulnerability makes users root on most systems

From heise.de

An example exploit is available online and works on many standard systems. Admins should quickly install the available updates.

(made with openart.ai)

There is a critical security flaw in the Linux tool “sudo” and makes unprivileged users “root”, the system administrator, in no time at all. The reason for the malaise: a bug in the chroot function of sudo. This function is actually intended to “lock” users in their home directory, but allows them to break out of it and extend their rights. An update is available; admins of multi-user systems should act quickly.

The vulnerability exploits a bug in the chroot implementation. Between two function calls, this calls the “Name Service Switch” (NSS), which in turn loads the file /etc/nsswitch.conf. The attacker can now cause this function to load a file he has prepared with C code (a dynamic .so library) and execute it with root rights.

Read more…

Notepad++ Vulnerability Let Attacker Gain Complete System Control – PoC Released

From cybersecuritynews.com

A severe privilege escalation vulnerability has been discovered in Notepad++ version 8.8.1, potentially exposing millions of users worldwide to complete system compromise.

The flaw, designated CVE-2025-49144, allows attackers to gain SYSTEM-level privileges through a technique known as binary planting, with a proof-of-concept demonstration now publicly available.

The vulnerability affects the Notepad++ v8.8.1 installer released on May 5, 2025, exploiting an uncontrolled executable search path that enables local privilege escalation attacks.

Read more…

India-based car-sharing company Zoomcar suffered a data breach impacting 8.4M users

From securityaffairs.com

(made with Adobe firefly)

Zoomcar is an India-based car-sharing and self-drive car rental company. Zoomcar discovered a data breach impacting 8.4M users after threat actors contacted the internal personnel claiming the compromise of internal systems.

The company is investigating the security breach and has determined that the exposed information included names, contacts, and addresses. No financial data or passwords were compromised.

Read more…