A security researcher has released RoguePlanet, a Windows zero-day exploit leading to local privilege escalation to SYSTEM.

Hackers are exploiting CVE-2026-5027, a high-severity path traversal issue in Langflow, for remote code execution.

Microsoft is under fire for suspending accounts linked to a researcher who publicly shared zero-day exploit code, sparking debates on vulnerability disclosure practices.

Cisco Unified Communications Manager vulnerability CVE-2026-20230 allows unauthenticated attackers to gain root access via ...

Raydium lost about $1.34 million on June 10 after an attacker drained five dormant AMM V3 liquidity pools on Solana that had ...

Sysadmins have been urged to prioritize updating a new critical vulnerability in Fortinet’s FortiSIEM solution, as exploit code is currently circulating in the wild. Published on Tuesday, ...

CVE-2026-23111 is a Linux kernel nf_tables use-after-free that lets an unprivileged local user escalate to root and escape a ...

A proof-of-concept (PoC) exploit for CVE-2024-29847, a critical remote code execution (RCE) vulnerability in Ivanti Endpoint Manager, is now publicly released, making it crucial to update devices. The ...

Cisco patched a Unified CM flaw allowing unauthenticated network attackers to write files and escalate to root.

Update 4/16/24: Updated story with more information on how previous mitigations do not protect devices. Exploit code is now available for a maximum severity and actively exploited vulnerability in ...

There are times when network security defenders need to compile exploit code. It is not unusual for more than a dozen new exploits against Windows and Linux machines to be released each day, and ...

Several independent coding groups have posted code on the Internet that can allow hackers to exploit a previously disclosed vulnerability in Microsoft Corp.’s Windows operating system. The Windows ...