Latest IntelligenceVulnerabilitiesPage 6
Search by keyword →
New Fragnesia Linux flaw lets attackers gain root privileges
Linux distros are rolling out patches for a new high-severity kernel privilege escalation vulnerability (known as Fragnasia and tracked as CVE-2026-46300) that...
Researcher Drops YellowKey, GreenPlasma Windows Zero-Days
YellowKey is a BitLocker bypass that requires physical access. GreenPlasma enables elevation of privileges to System. The post Researcher Drops YellowKey, Green...
Critical 18-Year-Old NGINX Vulnerability Enables Remote Code Execution Attacks
A critical heap buffer overflow vulnerability has been discovered in the source code of NGINX, present since 2008. This vulnerability has been publicly disclose...
Critical 18-Year-Old NGINX Vulnerability Enables Remote Code Execution Attacks – PoC Released
A critical heap buffer overflow vulnerability, lurking in NGINX’s source code since 2008, has been publicly disclosed. Complete with a working proof-of-co...
Critical MongoDB Vulnerability Allow Attackers to Execute Arbitrary Code
A newly disclosed critical vulnerability in MongoDB could allow threat actors to execute arbitrary code, potentially handing them complete control over affected...
Windows BitLocker 0-Day Vulnerability Enables Access to Encrypted Drives
Two new unpatched Windows BitLocker zero-day vulnerabilities significantly compromise Microsoft’s ecosystem. The exploits include a critical BitLocker enc...
New critical Exim mailer flaw allows remote code execution
A critical vulnerability affecting certain configurations of the Exim open-source mail transfer agent could be exploited by an unauthenticated remote attacker t...
Dark Reading Celebrates 20 Years as a Leading Authority on Cybersecurity, Highlighting the People, Events, Ideas, and Technologies Shaping the Modern Risk Landscape
Informa TechTarget's flagship cybersecurity media brand launches a special content series to mark two decades as a trusted source for cybersecurity professional...
Windows BitLocker zero-day gives access to protected drives, PoC released
A cybersecurity researcher has published proof-of-concept (PoC) exploits for two unpatched Microsoft Windows vulnerabilities named YellowKey and GreenPlasma, wh...
Viral ‘RuView’ GitHub project uses Wi-Fi to track movement through walls
A new open-source project called “RuView” is drawing widespread attention online for demonstrating how ordinary Wi-Fi signals can be used to detect human moveme...
Microsoft, Palo Alto Networks Find Many Vulnerabilities by Using AI on Their Own Code
Microsoft’s MDASH discovered 16 of the Patch Tuesday vulnerabilities, and Palo Alto used Mythos to find dozens of flaws. The post Microsoft, Palo Alto Networks...
Microsoft fixes Windows Autopatch bug installing restricted drivers
Microsoft has fixed a Windows Autopatch bug that caused driver updates restricted by administrative policies to be deployed on some Autopatch-managed Windows de...
Fragnesia Linux Vulnerability Let Attackers Gain Root Privileges – PoC Released
A newly disclosed Linux kernel vulnerability dubbed Fragnesia allows any local unprivileged user to escalate privileges to root without requiring a race conditi...
73 Seconds to Breach, 24 Hours to Patch: The Case for Autonomous Validation
Attackers can compromise systems in minutes while patching and response still take hours or days. Picus Security breaks down why autonomous validation is becomi...
Microsoft Patches Critical Zero-Click Outlook Vulnerability Threatening Enterprises
CVE-2026-40361 is similar to a vulnerability found a decade ago, BadWinmail, which at the time was dubbed an “enterprise killer”. The post Microsoft Patches Cri...
Critical SandboxJS Escape Vulnerability Enables Host Takeover
A critical security flaw has been found in SandboxJS, a widely used JavaScript sandboxing library available on npm. The vulnerability allows attackers to break ...
Fortinet, Ivanti Patch Critical Vulnerabilities
Successful exploitation of these flaws could lead to arbitrary code execution and information disclosure. The post Fortinet, Ivanti Patch Critical Vulnerabiliti...
Chipmaker Patch Tuesday: Intel and AMD Patch 70 Vulnerabilities
The two chip giants have published over two dozen advisories describing recently identified security defects. The post Chipmaker Patch Tuesday: Intel and AMD Pa...
New Exim BDAT GnuTLS Vulnerability Enables Code Execution Attacks
A serious security flaw has been found in Exim, one of the most widely deployed mail transfer agents on the internet today. The vulnerability, tracked as EXIM-S...
Hundreds of Malicious Packages Force RubyGems to Suspend Registrations
More than 500 packages were pushed during the attack, but the target appears to have been RubyGems itself rather than users. The post Hundreds of Malicious Pack...