Publicly released exploit code for an effectively unpatched vulnerability that gives root access to virtually all releases of ...

“That world no longer exists”: AI has terminated the "grace period" for closing security vulnerabilities, here's what you ...

CVE-2026-32202 actively exploited after April 27 advisory fix, exposing NTLMv2 hashes via zero-click SMB authentication.

A security researcher frustrated with Microsoft has released the BlueHammer Windows zero-day exploit, telling the company, “I ...

Pack2TheRoot, a high-severity vulnerability in PackageKit, allows users to install packages on Linux systems with root ...

Anthropic's Mythos AI discovered over 2,000 unknown software vulnerabilities in seven weeks, prompting the company to ...

ZetaChain lost $334K in a targeted GatewayEVM exploit on April 26. No user funds were affected. A patch is now being deployed ...

Panel patches authentication flaw across supported versions, prompting Namecheap port blocks and temporary access limits.

Anthropic's latest model needs to be kept under lock and key, but for how long?

In a new proof-of-concept, endpoint security provider Morphisec showed that the Exploit Prediction Scoring System (EPSS), one of the most widely used frameworks for assessing vulnerability exploits, ...

Volt Typhoon Hackers Exploit Zero-Day Vulnerability in Versa Director Servers Used by MSPs, ISPs Your email has been sent Volt Typhoon, a Chinese state-sponsored hacking group, has been caught ...

Public-facing instances of ProjectSend, an open-source file-sharing web application, have been exploited by attackers, according to vulnerability intelligence provider VulnCheck. ProjectSend was ...