exploit

Microsoft has acknowledged the local elevation of privilege issue in Microsoft Defender that can be triggered via the “RoguePlanet” exploit, and is “working …

Attackers have been spotted exploiting three vulnerabilities (CVE-2026-39813, CVE-2026-39808, CVE-2026-25089) in FortiSandbox, a platform that other Fortinet security products …

A 0-day privilege escalation vulnerability (CVE-2026-20245) in Cisco Catalyst SD-WAN Manager that has yet to be patched by Cisco is being leveraged by attackers. “To …

Microsoft is working on a fix for CVE-2026-45585 (aka “Yellowkey”), a vulnerability that can be used by attackers to bypass protections offered by BitLocker, the …

A critical NGINX vulnerability (CVE-2026-42945) disclosed last week is being exploited by attackers, VulnCheck security researcher Patrick Garrity revealed on Saturday. The …

Researchers have found and disclosed yet another local privilege escalation (LPE) vulnerability in the Linux kernel: CVE-2026-46300, aka “Fragnesia”. The flaw is …

Google’s threat intelligence researchers have linked a zero-day exploit to AI-assisted development by a criminal group. The exploit targeted a popular open-source …

A week after Copy Fail, another Linux local privilege escalation vulnerability dubbed “Dirty Frag” has been revealed, along with a PoC exploit. What is Dirty Frag …

The situation around the critical cPanel authentication bypass vulnerability (CVE-2026-41940) has deteriorated significantly since our initial coverage. Exploratory probing …

Security researchers at Theori have disclosed a high-severity local privilege escalation (LPE) vulnerability (CVE-2026-31431) in the Linux kernel. The flaw, nicknamed …

Hidden inside newly discovered botnet malware is an unusual message from its creator: “AI.NEEDS.TO.DIE”. Dubbed “tuxnokill” by researchers at Akamai, …

The security researcher who earlier this month published a proof-of-concept (PoC) exploit for a zero-day privilege escalation vulnerability in Microsoft Defender is back with …