Dirty Frag Won't Be The Last Exploit
CopyFail Compromises The Last 9 Years Of Linux Distros
The First Exploit - Pwn2Own Documentary (Part 2)
The World's Hardest Hacking Competition - Pwn2Own Documentary (Part 1)
Another Linux Distro Dropped Deepin Desktop
This Linux Bug Gives Attackers Root
IPv8 Changes Everything We Know About IP
Security Ransomware crims abused Cisco 0-day weeks before disclosure, says Amazon security boss Interlock's post-exploit toolkit exposed Ransomware criminals exploited CVE-2026-20131, a maximum-severity bug in Cisco Secure Firewall Management Center software, as a zero-day vulnerability more than a… …
… In response to the unnecessary risk created by these disclosures, our security teams have been working around the clock to understand the impact, protect our customers, and develop security updates. …
… The vast majority of security exploits are rooted in specific bad programming habits, something a bot excels at noticing quickly and repeatedly. …
… Download Now Related Articles: Microsoft April 2026 Patch Tuesday fixes 167 flaws, 2 zero-days Microsoft March 2026 Patch Tuesday fixes 2 zero-days, 79 flaws Microsoft releases Windows 10 KB5087544 extended security update Windows 11 KB5089549 & KB5087420 cumulative updates released Microsoft relea… …
https://securityaffairs.com/193128/security/researcher-drops-a-new-vs-code-zero-day-after-losing-trust-in-microsofts-disclosure-process.html
This one has been building for a month and it came to a head this week. A researcher going by Chaotic Eclipse has released six Windows zero-days publicly over the past several weeks, covering Defender, BitLocker, and Win…
The traditional vulnerability disclosure timeline relies on a fundamental assumption: exploit development and vulnerability discovery take time. Over the last 12 months the integration of LLMs into offensive tooling has …
Disclosure: I work on Forkline, which maintains a fork of the retired Kubernetes ingress-nginx controller. NGINX published a security advisory for ngx_http_rewrite_module. The affected versions are NGINX Open Source belo…
TL;DR: If you are running NGINX Open Source below 1.30.1 or 1.31.0, you are affected by the current ngx_http_rewrite_module CVE batch. For Kubernetes ingress-nginx users this is especially relevant — the retired controll…
One security researcher discovered a previously unpatched vulnerability in Windows and reported it to the Microsoft Security Response Center. …
… Nightmare Eclipse has not been arrested but could face lawsuits or criminal referrals, depending on how authorities interpret the disclosures. Security researchers warn that future disclosure behaviour could change if companies respond with aggressive legal threats rather than collaboration. …
… "As I mentioned in that post, going forward I would be doing full public disclosure for any security bugs I found in VSCode." This follows another stream of zero-days in various Microsoft products disclosed by an anonymous security researcher using the 'Nightmare Eclipse' online handle who also exp… …
… "The issue occurs when Microsoft Office improperly handles memory pointers, potentially allowing an attacker to manipulate how the application accesses memory," Bicer said. ® patch tuesday security microsoft
… Second, Netgear’s CEO is suggesting today that the US government’s foreign router ban was actually about “stronger safety and security standards.” “This aligns with our security-first approach, and we believe the steps the FCC are taking will help ensure the security of your digital front door and … …
… AMD also acknowledged new security research of TDXRay as a side-channel analysis of Intel TDX. AMD's SEV-SNP though isn't impacted by TDXRay. More details on today's AMD disclosures can be found via the AMD product security center . …