Over the past week, enterprise security teams observed a combination of covert malware communication attempts and aggressive probing of publicly exposed infrastructure. These incidents, detected ...

A new exploit called ‘Sh1mmer’ allows users to unenroll an enterprise-managed Chromebook, enabling them to install any apps they wish and bypass device restrictions. When Chromebooks are enrolled with ...

New research by cybersecurity firm Mandiant provides eyebrow-raising statistics on the exploitation of vulnerabilities by attackers, based on an analysis of 138 different exploited vulnerabilities ...

In a deep analysis of RIG, Cisco Talos team outlined the way the exploit kit combines different web technologies such as DoSWF, JavaScript, Flash and VBscript to obfuscate attacks. Today’s most ...

A security researcher has publicly disclosed an exploit for a new Windows zero-day local privilege elevation vulnerability that gives admin privileges in Windows 10, Windows 11, and Windows Server.

Santiago Torres-Arias does not work for, consult, own shares in or receive funding from any company or organization that would benefit from this article, and has disclosed no relevant affiliations ...

A newly published “exploit chain” for Nvidia Tegra X1-based systems seems to describe an apparently unpatchable method for running arbitrary code on all currently available Nintendo Switch consoles.

This story accompanies a profile of the French exploit-selling firm Vupen in the April 9th issue of Forbes magazine. A clever hacker today has to make tough choices. Find a previously unknown method ...

Hackers backed by North Korea’s government exploited a critical Chrome zero-day in an attempt to infect the computers of hundreds of people working in a wide range of industries, including the news ...

A newly announced iOS exploit could lead to a permanent, unblockable jailbreak on hundreds of millions of iPhones, according to researcher axi0mX who discovered it. Dubbed “checkm8,” the exploit is a ...