Google on Wednesday published exploit code for an unfixed vulnerability in its Chromium browser codebase that threatens ...

When Ivanti disclosed critical flaws in its Connect Secure VPN gateway in January 2024, attackers had working exploits ...

CISA added two exploited bugs to KEV, forcing federal agencies to patch Langflow and Apex One flaws by June 4, 2026.

Microsoft Exchange users are urged to mitigate a zero-day vulnerability that CISA has confirmed is under active exploitation.

Microsoft responds to Windows 11 encryption bypass vulnerability with new mitigation.

Microsoft has disclosed that a privilege escalation and a denial-of-service flaw in Defender has come under active ...

Drupal is warning users that it’s preparing a patch for a ‘highly critical’ vulnerability that may be exploited shortly after ...

The latest Microsoft Patch Tuesday rollout featured no zero-days. However, an angry hacker has just dropped two new 0-day ...

Linux users have been bitten by yet another vulnerability that gives containers and untrusted users the ability to gain root ...

The MiniPlasma exploit targets CVE-2020-17103, a Windows vulnerability that should have been patched in December 2020.

In a new proof-of-concept, endpoint security provider Morphisec showed that the Exploit Prediction Scoring System (EPSS), one of the most widely used frameworks for assessing vulnerability exploits, ...

Two healthcare organizations in the UK are said to be among the victims of a malicious campaign involving the exploitation of a vulnerability linked to cybersecurity hardware provider Ivanti.