Trend Micro warns of Apex One zero-day exploited in the wild
… CISA currently tracks 12 Trend Micro Apex vulnerabilities that have either been or are still being abused in attacks. …
Search
All sources
bleepingcomputer.com
40
theregister.com
15
pcworld.com
8
theverge.com
7
tomshardware.com
5
arstechnica.com
4
appleinsider.com
4
hothardware.com
4
androidauthority.com
4
notebookcheck.net
4
engadget.com
3
9to5mac.com
3
Videos
More videos
This Linux Bug Gives Attackers Root
A Vulnerability to Hack The World - CVE-2023-4863
AI Is Hacking Everything Now...
732 bytes of Python just borked every Linux machine on earth…
Sorry Windows 10 Users...
My theory on how the webp 0day was discovered #short
My theory on how the webp 0day was discovered (BLASTPASS)
An initiative to secure the world's software | Project Glasswing
Ubuntu under attack, Big flaw affects all Linux distros, Linux beats Windows - Linux Weekly News
Top stories
CISA orders feds to patch actively exploited Drupal vulnerability
… Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of KEV Catalog vulnerabilities as part of their vulnerability management practice," the cybersecurity agency warned. …
CISA flags two-year-old Oracle flaw as actively exploited in attacks
… Over the last several years, CISA has flagged 43 vulnerabilities across various Oracle products as exploited in the wild, 12 of which have been abused in ransomware attacks. …
CISA flags actively exploited ‘Copy Fail’ Linux kernel flaw enabling root takeover across major distros — unpatched systems may remain vulnerable to attack
… That dynamic is reflected in CISA‘s unusually swift inclusion of the flaw in its exploited vulnerabilities list, signaling that the issue poses a significant and immediate risk. …
Discussions and forums
Detecting Exploitation of CrushFTP Vulnerability (CVE-2025-31161) With PacketSmith Yara Detection Module - Using track_state and flow_state
Head over to Netomize's blog to learn about how we detect the exploitation of the CrushFTP Vulnerability (CVE-2025-31161) with PacketSmith's Yara detection module, using the newly introduced track_state and flow_state ke…
The compression of the exploit timeline: Why n-day gaps and 90-day embargoes are failing in practice.
The traditional vulnerability disclosure timeline relies on a fundamental assumption: exploit development and vulnerability discovery take time. Over the last 12 months the integration of LLMs into offensive tooling has …
Speed Matters: Why AI Software Vulnerability Exploitation is going be bad
I co-founded a successful security company close to the Mythos ecosystem and have spoken with participants in the know and I am deeply concerned. We, collectively, have answers for some but not all of the problems ahead …
13
5
Microsoft vs Chaotic Eclipse: three zero-days now actively exploited
This one has been building for a month and it came to a head this week. A researcher going by Chaotic Eclipse has released six Windows zero-days publicly over the past several weeks, covering Defender, BitLocker, and Win…
Dirty Frag: a kernel zero-day vs. container and microVM sandboxes
On May 7, Hyunwoo Kim (V4bel) disclosed Dirty Frag — two Linux kernel vulnerabilities (CVE-2026-43284 and CVE-2026-43500) that give unprivileged users deterministic root on most Linux distributions shipped since 2017. Mi…
3
Google publishes exploit code threatening millions of Chromium users
… Exploits are particularly hard to detect when run on Edge. …
CISA warns of active attacks exploiting Android, Linux bugs
… Cybersecurity and Infrastructure Security Agency CISA is warning that hackers are exploiting vulnerabilities in the Linux kernel and Android operating system. …
Linux bitten by second severe vulnerability in as many weeks
… Once the exploits run, attackers can use SSH access, web-shell execution, or container escapes, or compromise low-privilege accounts. “Dirty Frag is notable because it introduces multiple kernel attack paths involving rxrpc and esp/xfrm networking components to improve exploitation reliability,” Mi… …
Google fixes one actively exploited Android zero-day, 124 flaws
Google fixes one actively exploited Android zero-day, 124 flaws By Sergiu Gatlan June 2, 2026 07:10 AM Google has released the June 2026 Android security patches to address 124 vulnerabilities, including one zero-day flaw exploited in targeted attacks. …
Ransomware scum, other crims exploit 4 old Microsoft bugs
… The four vulnerabilities added to CISA's Known Exploited Vulnerabilities KEV catalog on Monday are: CVE-2025-60710 , a link-following vulnerability in Windows that allows privilege escalation. …
New Linux 'Dirty Frag' zero-day gives root on all major distros
… Also, while Dirty Frag belongs to the same class as the Dirty Pipe and Copy Fail Linux vulnerabilities, it exploits the fragment field of a different kernel data structure. …