When Ivanti disclosed critical flaws in its Connect Secure VPN gateway in January 2024, attackers had working exploits ...

In late May 2023, a critical flaw in the MOVEit file-transfer platform was publicly disclosed. Within hours, the Cl0p ...

The latest Microsoft Patch Tuesday rollout featured no zero-days. However, an angry hacker has just dropped two new 0-day ...

NGINX Rift CVE-2026-42945 scores 9.2 after 18 years, enabling unauthenticated RCE or DoS via crafted HTTP requests.

A disgruntled security researcher this week publicly disclosed two zero-day vulnerabilities in Windows that enable BitLocker ...

Google said it observed a group of prominent “threat actors” planning an operation relying on a bug they had found that ...

The team behind the first public macOS kernel memory corruption exploit on M5 silicon has shared fresh details on how Mythos Preview helped bypass a five-year Apple security effort in five days.

A security researcher frustrated with Microsoft has released the BlueHammer Windows zero-day exploit, telling the company, “I'm not explaining how this works.” ...

This is the second time this year a threat actor has leveraged a CVSS 10.0 vulnerability in Cisco's network control system.

Dirty Frag exposes Linux systems to root escalation through chained kernel flaws, impacting Ubuntu, RHEL, Fedora, and others.

A high-severity Linux vulnerability, “Copy Fail” (CVE-2026-31431), enables root privilege escalation across cloud ...

Every second a vulnerability sits unpatched in your environment, the clock is ticking, not for you, but for the attacker on ...