A severe security flaw, CVE-2024-3078, has been discovered in the Windows Wi-Fi driver. This vulnerability allows remote code execution at the kernel level without needing user interaction or ...

Zero-day vulnerabilities saw big growth once again in 2024. With no patch available, zero-day flaws give attackers a significant jump on cybersecurity defense teams, making them a critical weapon for ...

ESET researchers discovered a previously unknown vulnerability, CVE-2024-9680, in Mozilla products, exploited in the wild by the Russia-aligned APT group RomCom. Further analysis revealed another zero ...

Update, Dec. 12, 2024: This story, originally published Dec. 11, now includes further information from security experts regarding another critical vulnerability within the latest Windows security ...

All versions of Windows clients, from Windows 7 through current Windows 11 versions, contain a 0-day vulnerability that could allow attackers to capture NTLM authentication hashes from users of ...

Apache has fixed a critical security vulnerability in its open-source OFBiz (Open For Business) software, which could allow attackers to execute arbitrary code on vulnerable Linux and Windows servers.

Microsoft has released its August 2025 Patch package, a cumulative set of updates addressing more than 100 vulnerabilities across a host of its products. Microsoft’s SharePoint Server Remote Code ...

Microsoft patches six Windows zero-days. Across January and February combined, Windows users had already been exposed to a total of five so-called zero-day exploits where attackers had already struck ...

A threat actor is exploiting a zero-day elevation of privileges vulnerability in the Windows Common Log File System to deploy ransomware, one of a number of critical holes Microsoft plugged today as ...

Microsoft on Thursday deployed a reworked update for a critical vulnerability in the Windows Server Update Service (WSUS) that has come under attack in the wild. CVE-2025-59287 is a remote code ...

WinRAR flaw let crafted archives drop files outside target folder, including into Windows Startup New version 7.12 addresses critical path and HTML vulnerabilities Windows users urged to update WinRAR ...