EXCLUSIVE For the past 90 days, Microsoft has been quietly patching a firmware flaw in Surface devices that allowed the ...

Two OS command injection flaws can be exploited remotely, without authentication, for arbitrary code execution.

Attackers have begun backdooring internet-exposed Ivanti Sentry appliances, the nonprofit security watchdog Shadowserver confirmed on June 11, 2026 — less than 48 hours after patches and a public ...

Two vulnerabilities in the secure mobile gateway appliance allow unauthenticated attackers to bypass authentication and ...

Nightmare-Eclipse's vendetta against Microsoft and Windows continues apace — researcher publishes RoguePlanet and GreatXML ...

GreatXML, a new Windows BitLocker bypass exploit, targets a zero-day vulnerability in Microsoft Defender’s offline scan.

The vulnerability enables authenticated attackers to take over the enterprise network management system as root and may be ...

A security researcher has released a new Microsoft Defender zero-day exploit named "RoguePlanet" just hours after Microsoft ...

Researchers have analyzed a high-severity vulnerability in Linux that’s able to escalate untrusted users to root by ...

Cybersecurity roundup: supply chain threats, AI agent risks, browser-cloning malware, mule networks, endpoint bypasses, and ...

Researchers at the University of Toronto have built a worm that thinks for itself. Using free off-the-shelf AI models it ...