Attackers are exploiting three Fortinet FortiSandbox flaws, including one patched last week, risking auth bypass and command ...

A RoguePlanet PoC exploit targets a Microsoft Defender zero-day race condition and can produce a SYSTEM-level shell when ...

Azul, the trusted leader in enterprise Java for today’s AI and cloud-first world, today launched a free JVM vulnerability ...

Hackers are exploiting CVE-2026-5027, a high-severity path traversal issue in Langflow, for remote code execution.

A BitLocker bypass vulnerability lets thieves read your encrypted Windows files in 2026. Here's the zero-day flaw, who's ...

A new Microsoft Defender zero-day called RoguePlanet reportedly grants SYSTEM privileges on fully patched Windows 10 and Windows 11 devices.

TL;DR: WinRAR has a critical security vulnerability (CVE-2025-6218) allowing remote code execution via directory traversal in Windows versions. This exploit risks sensitive data and system integrity.

Researchers have analyzed a high-severity vulnerability in Linux that’s able to escalate untrusted users to root by ...

Google said it observed a group of prominent “threat actors” planning an operation relying on a bug they had found that allowed them to bypass two-factor authentication.

In a new proof-of-concept, endpoint security provider Morphisec showed that the Exploit Prediction Scoring System (EPSS), one of the most widely used frameworks for assessing vulnerability exploits, ...

Despite clear limitations, many vulnerability researchers find LLMs valuable, leveraging their capabilities to accelerate vulnerability discovery, assist in exploit writing, re-engineer malicious ...

The $10.7 million THORChain exploit was caused by a GG20 vulnerability, which allowed a malicious node to reconstruct a full private key to one of its vaults. THORChain said a malicious node operator ...