Microsoft Confirms Active 0-Day Exploit—Check Emergency Mitigation

Microsoft Exchange users are urged to mitigate a zero-day vulnerability that CISA has confirmed is under active exploitation.
SecurityWeek

New ‘Dirty Frag’ Linux Vulnerability Possibly Exploited in Attacks

Dirty Frag, a new local privilege escalation vulnerability affecting major Linux distributions, may already be exploited in ...
Digital Trends

A major Sonos exploit was explained at Black Hat — but you needn’t worry

This aging Sonos One looks like it's seen a thing or two — but it's also continued to see security updates. Phil Nickinson / Digital Trends Hardware exploits, in a very oversimplified sense, can be ...
Hosted on MSN

Cetus Protocol $220M+ Exploit Explained: Token Spoofing & Overflow Attack on Sui

Cetus lost over $220 million after an attacker exploited a flaw in a smart contract math library. The attacker used spoof tokens and overflow bugs to trick the system into giving away real assets.
TechSpot

A security researcher says Microsoft secretly built a backdoor into BitLocker, releases an exploit to prove it

The Epitome of WTF: A researcher known as "Nightmare-Eclipse" recently released YellowKey, a security vulnerability that allegedly enables a full bypass of BitLocker's full-volume encryption. The ...
PC World

What is a zero day exploit? The most dangerous security attacks, explained

There are errors (bugs) and security vulnerabilities in the code of almost all software. The more extensive the code, the more there are. Many of these security flaws are discovered over time by users ...

Zero-day exploit completely defeats default Windows 11 BitLocker protections

A zero-day exploit circulating online allows people with physical access to a Windows 11 system to bypass default BitLocker ...
LinuxInsider

Dirty Frag Linux Vulnerability Raises New Root Access Risks

A newly disclosed Linux privilege escalation flaw dubbed "Dirty Frag" is raising concerns among security researchers who warn ...

Microsoft Says Edge Password Security Vulnerability Is ‘By Design’—Is It Time To Switch To Chrome?

Microsoft Edge loads all your saved passwords, decrypted and in plaintext, into memory at startup. Google Chrome doesn’t—is ...
Dark Reading

Can Anthropic Keep Its Exploit-Writing AI Out of the Wrong Hands?

Anthropic's Mythos model promises major innovations in vulnerability management and security red-teaming, but questions remain regarding how defenders can keep threat actors from taking full advantage ...
Infosecurity-magazine.com

Russian Company Offers $20m For Non-NATO Mobile Exploits

The Russian firm Operation Zero has announced a staggering $20m reward for hacking tools capable of compromising iPhones and Android devices. The company unveiled this increased payout on X (formerly ...
Yardbarker

Warzone’s Crazy Loadout Exploit Patched: Relief For 2025 Ranked Players

Warzone players can finally relax a bit. A major exploit in Call of Duty Warzone that let people drop custom loadouts in the pre-game lobby and grab them right away in matches has been fixed. This ...