exploit
-
PoC Exploit Released for Use-After-Free Vulnerability in Linux Kernel POSIX CPU Timers
A newly discovered vulnerability in the Linux kernel’s POSIX CPU timers has been exposed, with a detailed proof-of-concept demonstrating one…
-
Microsoft Brokering File System Vulnerability Enables Local Privilege Escalation
Microsoft has recently patched a critical vulnerability in its Brokering File System (BFS) driver, which could have allowed attackers to…
-
25,000+ FortiCloud SSO-Enabled Systems Vulnerable to Remote Exploitation
The Shadowserver Foundation has discovered over 25,000 internet-facing Fortinet devices globally with FortiCloud Single Sign-On (SSO) functionality enabled, raising concerns…
-
Apache Log4j Flaw Enables Interception of Sensitive Logging Data
The Apache Software Foundation has released a critical security update for its widely used Log4j logging library. A newly discovered…
-
Hackers Actively Exploit SonicWall SMA1000 Zero-Day to Escalate Privileges
SonicWall has released an urgent security advisory regarding the active exploitation of a local privilege escalation vulnerability affecting its SMA1000…
-
New Reports Reveal WAFs Are Ineffective Against Latest React2Shell Exploit
Miggo Security has released a comprehensive benchmark study revealing critical gaps in Web Application Firewall (WAF) protection, with the discovery…
-
ForumTroll Operation Uses Chrome Zero-Day in Fresh Phishing Attacks
The ForumTroll APT group has re-emerged with a highly sophisticated phishing campaign aimed at Russian academics, marking a significant escalation…
-
Link11 Identifies Five Cybersecurity Trends Shaping European Defense Strategies in 2026
Link11, a leading European provider of web infrastructure security solutions, has released new insights highlighting five key cybersecurity developments that…
-
JumpCloud Remote Assist Windows Agent Vulnerability Allows Privilege Escalation
A critical vulnerability has been discovered in the JumpCloud Remote Assist for Windows agent, allowing low-privileged users to gain NT…
-
PCPcat Malware Leverages React2Shell Vulnerability to Breach 59,000+ Servers
A sophisticated attack campaign attributed to a group identifying as “PCP” has compromised 59,128 servers in less than 48 hours…
-
NVIDIA Merlin Vulnerabilities Allow Malicious Code Execution and DoS Attacks
NVIDIA has issued urgent security patches for its Merlin machine learning framework, addressing two high-severity deserialization vulnerabilities that could allow…
-
MITRE Unveils 2025’s Top 25 Most Dangerous Software Weaknesses
MITRE has released its annual Common Weakness Enumeration (CWE) Top 25 Most Dangerous Software Weaknesses list for 2025, identifying the…
-
Researchers and Developers Targeted in AI-Driven GitHub Supply Chain Attack
A sophisticated AI-generated supply chain attack is targeting researchers, developers, and security professionals through compromised GitHub repositories, according to findings…
-
Surge in Attacks Targeting RSC-Enabled Services Worldwide
In December 2025, CVE-2025-55182 (React2Shell), a vulnerability in React Server Components (RSC) that enables remote code execution (RCE), was publicly…
-
Zoom Rooms on Windows and macOS Exposed to Privilege Escalation and Data Leakage Flaws
Zoom has released security patches to address two critical vulnerabilities in Zoom Rooms deployments on both Windows and macOS. These…
-
Makop Ransomware Evolves with Advanced Evasion Techniques and Exploit Arsenal
Makop, a ransomware strain derived from Phobos, continues to pose a significant threat by exploiting exposed Remote Desktop Protocol (RDP)…
-
Hackers Exploit Delivery Receipts in Messaging Apps to Steal Users’ Private Information
A severe security flaw has been uncovered, putting billions of WhatsApp and Signal users worldwide at risk of being secretly…
-
Hackers Exploit Multiple Ad Networks to Distribute Triada Malware to Android Users
Adex, a leading anti-fraud and traffic-quality platform under AdTech Holding, has successfully identified and neutralized a complex, multi-year malware operation…