Acoustic Keystroke Recovery - Reconstructing Typed Text from a Laptop Microphone (Full Guide, 85% success rate)

/r/netsec - Information Security News & Discussion

By: /u/pwnguide

3 May 2026 at 12:33

Around 85% success rate of keystroke recovery with our script :)

submitted by /u/pwnguide
[link] [comments]

CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV

The Hacker News

By: Ravie Lakshmanan

3 May 2026 at 06:26

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a recently disclosed security flaw impacting various Linux distributions to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerability, tracked as CVE-2026-31431 (CVSS score: 7.8), is a case of local privilege escalation (LPE) flaw that could allow an

How to exfiltrate data using only numeric outputs

/r/netsec - Information Security News & Discussion

By: /u/DrAdalbbert

2 May 2026 at 14:39

submitted by /u/DrAdalbbert
[link] [comments]

Disneyland Now Uses Face Recognition on Visitors

WIRED

By: Lily Hay Newman · Andy Greenberg · Andrew Couts

2 May 2026 at 10:30

Plus: The NSA tests Anthropic’s Mythos Preview to find vulnerabilities, a Finnish teen is charged over the Scattered Spider hacking spree, and more.

Brace for the patch tsunami: AI is unearthing decades of buried code debt

The Register - Security

2 May 2026 at 08:30

Britain's cyber agency says the bill for years of technical shortcuts is coming due, and it's arriving all at once

Britain's cyber agency is warning that AI-fuelled bug hunting is about to flush out years of buried flaws, leaving defenders scrambling to keep up.…

Trellix Confirms Source Code Breach With Unauthorized Repository Access

The Hacker News

By: Ravie Lakshmanan

2 May 2026 at 06:41

Cybersecurity company Trellix has announced that it suffered a breach that enabled unauthorized access to a "portion" of its source code. It said it "recently identified" the compromise of its source code repository and that it began working with "leading forensic experts" to resolve the matter immediately. It also said it has notified law enforcement of the matter. Trellix did not disclose the

For vulnerability research, smaller models run repeatedly can outperform larger frontier models on cost-to-recall.

/r/netsec - Information Security News & Discussion

By: /u/EliteRaids

1 May 2026 at 23:30

TL;DR: If a large model finds a 0-day with 90% probability, and a small model with 50% probability, but the small model costs 10x less, it is better to use the small model.

We compared the cost and recall of various models in finding real, recent zero-days and found that for most applications, smaller models run repeatedly can significantly outperform larger frontier models on cost-to-recall.

Disclaimer: I'm involved with Hacktron, the company that produced this research. This is a factual presentation of our benchmarks, which we hope the community can use to make informed decisions about models like Mythos.

submitted by /u/EliteRaids
[link] [comments]

Every incident public companies have disclosed to the SEC, in one searchable database

/r/netsec - Information Security News & Discussion

By: /u/LordKittyPanther

1 May 2026 at 22:42

submitted by /u/LordKittyPanther
[link] [comments]

Dangerous New Linux Exploit Gives Attackers Root Access to Countless Computers

WIRED

By: Dan Goodin · Ars Technica

1 May 2026 at 20:30

The exploit, dubbed CopyFail and tracked as CVE-2026-31431, allows hackers to take over PCs and data center servers. The Linux vulnerabilities have been patched—but many machines remain at risk.

30,000 Facebook Accounts Hacked via Google AppSheet Phishing Campaign

The Hacker News

By: Ravie Lakshmanan

1 May 2026 at 18:09

A newly discovered Vietnamese-linked operation has been observed using a Google AppSheet as a "phishing relay" to distribute phishing emails with an aim to compromise Facebook accounts. The activity has been codenamed AccountDumpling by Guardio, with the scheme selling the stolen accounts back through an illicit storefront run by the threat actors. In all, roughly 30,000 Facebook accounts are

Reading view

Britain's cyber agency says the bill for years of technical shortcuts is coming due, and it's arriving all at once