The Hacker News

Grandstream GXP1600 VoIP Phones Exposed to Unauthenticated Remote Code Execution

Critical CVE-2026-2329 flaw in Grandstream GXP1600 VoIP phones enables unauthenticated RCE, call interception, and credential ...
Dark Reading

Critical Grandstream VoIP Bug Highlights SMB Security Blind Spot

CVE-2026-2329 allows unauthenticated root-level access to SMB phones, so attackers can intercept calls, commit toll fraud, and impersonate users.
SecurityWeek

New Paper and Tool Help Security Teams Move Beyond Blind Reliance on CISA’s KEV Catalog

The cybersecurity of business is not the function of CISA. CISA’s remit is to raise the security of FECB agencies, and KEV is ...
Security Boulevard

Firewall Penetration Testing: Definition, Process and Tools

Firewall penetration testing examines the firewall as a security control and identifies the weaknesses that allow unwanted traffic to reach internal systems.  It helps to make the network secure by ...
PCQuest on MSN

One command, full recon: Why AutoPentestX matters for Linux pentesters

Many times when performing penetration tests, there is no lack of tools for conducting penetration testing, but rather the issue relates to performing penetration testing in a fractured way.

PromptSpy is the first known Android malware to use generative AI at runtime

Researchers have discovered the first known Android malware to use generative AI in its execution flow, using Google's Gemini model to adapt its persistence across different devices.
heise online

AI and Security: Zero-day exploits through AI are already a reality

A study shows: AIs can create complex zero-day exploits. The consequence: The search for security vulnerabilities is successfully industrialized and scaled. According to a recent study, Artificial ...