CRITICALAi
Global

CERT-In Recommends 12-Hour Patching for Internet-Facing Flaws Amid AI-Assisted Attacks

·Source: The Hacker News

Updated:

Executive Summary

The Indian Computer Emergency Response Team (CERT-In) has issued new guidelines requiring organizations to patch critical security vulnerabilities in internet-exposed systems within 12 hours of being flagged where "feasible" to safeguard against potential threats stemming from threat actors' abuse of artificial intelligence (AI) tools and large language models (LLMs) to automate vulnerability

Analysis

The Indian Computer Emergency Response Team (CERT-In) has issued new guidelines requiring organizations to patch critical security vulnerabilities in internet-exposed systems within 12 hours of being flagged where "feasible" to safeguard against potential threats stemming from threat actors' abuse of artificial intelligence (AI) tools and large language models (LLMs) to automate vulnerability
Source Attribution

Originally published by The Hacker News on May 26, 2026.

Related Threats

CRITICALAi

Russia-aligned crime group Greyvibe extensively uses AI in attacks

Researchers have uncovered a previously undocumented Russian group that makes extensive use of large language models (LLMs) in its attacks against private, government, and military organizations in Ukraine. It uses a variety of attack vectors along with custom malware, with the goal of intelligence gathering for the ongoing war. Dubbed Greyvibe by researchers from WithSecure, the group has shown s

CSO Online
CRITICALAi

Microsoft and security researcher’s dueling posts about cybersecurity disclosures get nasty

Microsoft and a prominent cybersecurity researcher have gotten into a very public and rather personal exchange of unpleasantries about what responsible cybersecurity disclosures should mean in 2026. A cybersecurity researcher going by the name Nightmare Eclipse, who has disclosed several cybersecurity holes before patches were available, posted that he had tried to contact Microsoft officials and

CVE-2026-45585
CSO Online
LOWAi

Metasploit Wrap Up 05/29/2026

More Linux LPEs Hark the age of the Linux LPE has arrived. This week’s release follows up on recent work bringing new Linux LPEs to Metasploit users. Copy Fail seemed to have kicked off a trend of similar bugs and hot on its heels is Dirty Frag. Dirty Frag is actually two vulnerabilities in a trenchcoat, individually identified as CVE-2026-43284 and CVE-2026-43500. Each is exploitable individually

CVE-2026-43284CVE-2026-43500
Rapid7