A 27-year-old bug sat inside OpenBSD’s TCP stack while auditors reviewed the code, fuzzers ran against it, and the operating system earned its reputation as one of the most security-hardened platforms ...

Google on Wednesday published exploit code for an unfixed vulnerability in its Chromium browser codebase that threatens millions of people using Chrome, Microsoft Edge, and virtually all other ...

Haifei Li, a principal vulnerability researcher at Check Point Software Technologies Ltd., examines the universe of Microsoft Outlook exploits in a new blog post this week that has lessons for users ...

The latest Microsoft Patch Tuesday rollout featured no zero-days. However, an angry hacker has just dropped two new 0-day ...

The Fortra FileCatalyst Workflow is vulnerable to an SQL injection vulnerability that could allow remote unauthenticated attackers to create rogue admin users and manipulate data on the application ...

Security researchers have found a chain of exploits that allows the bootloader of the Chromecast with Google TV (HD) to be unlocked. Worryingly, this exploit chain allows the device to report a ...

A zero-day exploit circulating online allows people with physical access to a Windows 11 system to bypass default BitLocker ...

The MiniPlasma exploit targets CVE-2020-17103, a Windows vulnerability that should have been patched in December 2020.

Apple issues a rare iOS 18 security patch as the DarkSword exploit threatens up to 270 million iPhones, marking a shift in its long-standing update policy.

Security researchers say a pair of easy-to-exploit flaws in a popular remote-access tool used by more than a million companies around the world are now being mass exploited, with hackers abusing the ...

One of the biggest buyers of iOS zero-day exploits says the market is flooded with new iPhone bugs due to weakened security components in Safari and iMessage. Zerodium, which pays $2 million for iOS ...

A recently patched local privilege escalation vulnerability in the Linux kernel's rxgk module now has a proof-of-concept exploit that allows attackers to gain root access on some Linux systems. Named ...