The Hacker News

PAN-OS RCE Exploit Under Active Use Enabling Root Access and Espionage

CVE-2026-0300 exploited after April 9 attempts enables PAN-OS RCE, leading to stealth espionage and lateral movement by April ...
CoinTelegraph

Kelp exploit highlights problem with non-isolated DeFi lending: Crypto execs

The contagion from the Kelp exploit could have been contained, but at the cost of capital efficiency, according to the founder of Curve Finance. The exploit of the Kelp liquid restaking protocol shows ...
cybernews

Critical PAN-OS zero-day vulnerability exploited in the wild, with no patches available

Palo Alto Networks warns that its widely deployed firewalls are under attack with hackers exploiting a critical zero-day vulnerability. Unauthenticated attackers can achieve remote code execution with ...

New 'Copy Fail' Flaw In Linux Kernel Lets Any Local User Seize Root Access: Here's How To ...

The flaw allows an unprivileged local user to write four controlled bytes into the page cache of any readable file on a Linux system, which can then be leveraged to obtain root privileges. Successful ...

Firestarter malware survives Cisco firewall updates, security patches

Cybersecurity agencies in the U.S. and U.K. are warning about a custom malware called Firestarter persisting on Cisco Firepower and Secure Firewall devices running Adaptive Security Appliance (ASA) or ...
TWCN Tech News

Enable and use Exploit Protection in Windows 11

Windows Security Center in Windows 11/10 introduces a new security protection feature called Exploit Protection. With the introduction of this feature, Windows 11/10 users now no longer need the ...
Dark Reading

Exploits Turn Windows Defender Into Attacker Tool

Threat actors are using three publicly available proof-of-concept exploits to attack Microsoft Defender and turn the security platform's primary cleanup and protection functions against organizations ...
The Hacker News

Azerbaijani Energy Firm Hit by Repeated Microsoft Exchange Exploitation

The Azerbaijani firm was targeted a third time towards the end of February 2026, when the threat actors once again attempted ...
PC World

Unpatched Microsoft Defender flaw lets hackers gain admin access

PCWorld reports on the ‘RedSun’ vulnerability in Microsoft Defender affecting Windows 10, 11, and Server systems that allows attackers to gain administrative privileges. Security researcher Chaotic ...
TechRepublic

Microsoft Defender Flaws Exploited on Windows, Two Left Unpatched

Although the team with Microsoft moved swiftly to patch the BlueHammer vulnerability, other exploits still threaten Microsoft Defender and Windows users. No less than three new security flaws are ...
Bleeping Computer

New Microsoft Defender “RedSun” zero-day PoC grants SYSTEM privileges

A researcher known as "Chaotic Eclipse" has published a proof-of-concept exploit for a second Microsoft Defender zero-day, dubbed "RedSun," in the past two weeks, protesting how the company works with ...
CSO Online

Infected Cisco firewalls need cold start to clear persistent Firestarter backdoor

Admins are being warned by cyber experts from the US and UK that this is part of continuing campaign to crack Cisco firewalls.