The CircuitryTHE CIRCUITRY
Verified Tech News

THE CIRCUITRY

One place for tech news that's actually true. Every story sourced, vetted, and presented straight. No fake news, no spin, no invented details.

11Stories
328Verified
  • Apple
  • Tesla
  • SpaceX
  • xAI
  • Microsoft
  • AI
  • Crypto
  • Gaming

Results for "exploit"

11 total
Microsoft Patches Two Actively Exploited Defender Zero-Days
VERIFIEDBy Xavier Rivera·Microsoft/Cloud· ·via BleepingComputer·2.5 min read

Microsoft Patches Two Actively Exploited Defender Zero-Days

Microsoft began rolling out patches Wednesday for two zero-day vulnerabilities in Defender that attackers are actively exploiting to gain SYSTEM privileges or trigger denial-of-service conditions. CISA added the flaws to its Known Exploited Vulnerabilities catalog and gave federal agencies until June 3 to apply fixes.

Read
Echo Protocol Hit by $76.7M Exploit via Admin Key Breach
VERIFIEDBy Xavier Rivera·Crypto/Finance· ·via CoinTelegraph·2 min read

Echo Protocol Hit by $76.7M Exploit via Admin Key Breach

An attacker minted about 1,000 unauthorized eBTC worth $76.7 million on Echo Protocol after compromising an admin private key on the Monad blockchain. The incident highlights ongoing DeFi security risks, with at least 12 protocols already exploited this month amid a broader 2026 surge in crypto hacks.

Read
Microsoft Exchange, Windows 11 Hacked on Pwn2Own Day Two
VERIFIEDBy Xavier Rivera·Microsoft/Cloud· ·via BleepingComputer·2.5 min read

Microsoft Exchange, Windows 11 Hacked on Pwn2Own Day Two

On the second day of Pwn2Own Berlin 2026, researchers earned $385,750 by exploiting 15 zero-day vulnerabilities including successful attacks on Microsoft Exchange and Windows 11. The demonstrations underscore risks in enterprise and AI products while giving vendors 90 days to issue patches after public disclosure.

Read
Cisco Warns of Critical SD-WAN Flaw Actively Exploited in Zero-Days
VERIFIEDBy Xavier Rivera·Tech/AI· ·via BleepingComputer·3 min read

Cisco Warns of Critical SD-WAN Flaw Actively Exploited in Zero-Days

Cisco disclosed that CVE-2026-20182, a critical authentication bypass in its Catalyst SD-WAN Controller and Manager, is being actively exploited in zero-day attacks allowing high-privileged access and network configuration manipulation. CISA has added the flaw to its Known Exploited Vulnerabilities Catalog with a patching deadline of May 17, 2026 for federal agencies while Cisco released updates but no full workarounds.

Read
Kraken Replaces LayerZero With Chainlink for Cross-Chain Assets
VERIFIEDBy Xavier Rivera·Crypto/Finance· ·via CoinDesk·1.5 min read

Kraken Replaces LayerZero With Chainlink for Cross-Chain Assets

Kraken is replacing LayerZero with Chainlink CCIP as the exclusive cross-chain infrastructure for its wrapped assets including kBTC, triggering the migration of over $3 billion in TVL. The shift follows a $292 million LayerZero-powered exploit on Kelp that exposed risks in legacy cross-chain setups and mirrors moves by other platforms.

Read
Google: AI Built First Zero-Day Exploit to Bypass 2FA
VERIFIEDBy Xavier Rivera·Tech/AI· ·via Decrypt·1 min read

Google: AI Built First Zero-Day Exploit to Bypass 2FA

Google’s Threat Intelligence Group confirms that cybercriminals used AI to build the first observed zero-day exploit that bypassed two-factor authentication in an open-source web tool. The report highlights growing AI use by state-linked actors while noting a Cambridge study finding limited AI sophistication in most cybercrime.

Read
Google Finds Hackers Used AI for First Zero-Day Exploit
VERIFIEDBy Xavier Rivera·Tech/AI· ·via BleepingComputer·1.5 min read

Google Finds Hackers Used AI for First Zero-Day Exploit

Google Threat Intelligence Group reports that hackers used AI to develop a zero-day exploit bypassing 2FA in an unnamed popular open-source web admin tool. The attack was stopped before mass exploitation, but the case marks the first time GTIG has seen AI used this way and highlights growing adversary reliance on the technology.

Read
Hackers Exploit RCE Flaws in Qinglong Scheduler for Cryptomining
VERIFIEDBy Xavier Rivera·Microsoft/Cloud· ·via BleepingComputer·1 min read

Hackers Exploit RCE Flaws in Qinglong Scheduler for Cryptomining

Hackers chain two authentication bypass flaws in Qinglong versions 2.20.1 and older for RCE and cryptomining since early February. Snyk reports ongoing attacks on exposed panels, with a proper fix only in recent PR #2941.

Read
ZetaChain Dismissed Bug Report Before $334K Exploit
VERIFIEDBy Xavier Rivera·Crypto/Finance· ·via CoinTelegraph·1 min read

ZetaChain Dismissed Bug Report Before $334K Exploit

ZetaChain dismissed a bug bounty report on a vulnerability that enabled a $334,000 exploit via its cross-chain gateway. The incident prompts a review of bug bounty processes and includes a patch rollout.

Read
GitHub patches critical RCE vuln in under 6 hours
VERIFIEDBy Xavier Rivera·Tech/AI· ·via The Verge·1 min read

GitHub patches critical RCE vuln in under 6 hours

Wiz Research discovered a critical remote code execution vulnerability in GitHub’s git infrastructure using AI models. GitHub validated, fixed, and confirmed no exploitation within six hours of the bug bounty report.

Read
CISA Orders Feds to Patch Exploited Windows Zero-Day
VERIFIEDBy Xavier Rivera·Microsoft/Cloud· ·via BleepingComputer·1 min read

CISA Orders Feds to Patch Exploited Windows Zero-Day

CISA orders U.S. federal agencies to patch Windows CVE-2026-32202 by May 12 after zero-day exploitation. The flaw persisted from an incomplete February patch and enables credential theft.

Read