Threat actors have been exploiting the BlueHammer Microsoft Defender vulnerability as a zero-day to gain System privileges.

CVE-2026-33626 exploited within 13 hours of disclosure, enabling SSRF-based cloud credential theft and internal scanning.

A vulnerability tracked as CVE-2026-4747 has appeared in secondary cybersecurity reporting, which attributes the discovery to ...

"A regression in the Microsoft.AspNetCore.DataProtection 10.0.0-10.0.6 NuGet packages cause the managed authenticated ...

Firefox 150 enhances split view, tab sharing, and other helpful features and patches 271 security vulnerabilities - update now.

NIST is focusing on enriching cybersecurity vulnerabilities and exposures that appear in CISA’s Known Exploited ...

CVSS vulnerability triage missed a chained Palo Alto attack that hit 13,000 devices. Five failure classes and the fixes ...

Microsoft has released out-of-band (OOB) security updates to patch a critical ASP.NET Core privilege escalation vulnerability ...

CISA has given U.S. government agencies four days to secure their systems against another Catalyst SD-WAN Manager ...

Patching is not enough: applications embedding the insecure library will need to be rebuilt, and affected tokens and cookies ...

The National Institute of Standards and Technology is changing how it analyzes newly disclosed vulnerabilities as it faces a ...