A security researcher frustrated with Microsoft has released the BlueHammer Windows zero-day exploit, telling the company, “I ...

A security researcher reported a vulnerability to Microsoft. But when the company didn't respond quickly enough, he went public with real exploit code.

Windows has a zero-day vulnerability that allows attackers to escalate their privileges. A patch is not yet available.

The Medusa ransomware group is operating at a fast pace by leveraging zero-days and quickly exploiting new bugs and breached systems.

Anthropic holds back its most advanced model yet to allow companies and institutions to prepare.

An exploit kit known as Coruna has appeared on GitHub, bundling working attack code for several Apple iOS vulnerabilities that were patched in 2023 and early 2024. The kit chains together at least ...

Threat actors have started exploiting CVE-2025-59528, a critical Flowise vulnerability leading to remote code execution.

Public-facing instances of ProjectSend, an open-source file-sharing web application, have been exploited by attackers, according to vulnerability intelligence provider VulnCheck. ProjectSend was ...

A critical vulnerability in the Ninja Forms File Uploads premium add-on for WordPress allows uploading arbitrary files without authentication, which can lead to remote code execution.

CVE-2025-53521 was first disclosed in October as a high-severity denial-of-service (DoS) flaw, but new information reveals ...

Volt Typhoon Hackers Exploit Zero-Day Vulnerability in Versa Director Servers Used by MSPs, ISPs Your email has been sent Volt Typhoon, a Chinese state-sponsored hacking group, has been caught ...

A report has confirmed that a highly sophisticated, full-chain exploit kit internally known as DarkSword has been publicly leaked on the code-sharing platform GitHub.