A security researcher has released RoguePlanet, a Windows zero-day exploit leading to local privilege escalation to SYSTEM.

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. Every security team’s nightmare came true over the weekend: a ...

The HTTP/2 Bomb exploit chains two known denial-of-service (DoS) attack techniques to knock major web servers offline.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned today that hackers are now actively exploiting a recently patched high-severity SolarWinds Serv-U flaw to crash servers. Serv-U ...

Microsoft Exchange Servers are under threat from a zero-day vulnerability, exploited via crafted emails. With no official patch, companies are urged to use mitigation services to protect their systems ...

Proof-of-concept exploit code is now public for a vulnerability in Microsoft's Remote Registry client that could be used to take control of a Windows domain by downgrading the security of the ...

Cisco Unified Communications Manager vulnerability CVE-2026-20230 allows unauthenticated attackers to gain root access via ...

The large May patch package had fixed the vulnerability in Windows Netlogon, now attackers are exploiting it. Admins should ...

Attackers exploited a critical GeoServer flaw to breach a US federal agency in July 2024 China Chopper web shell enabled remote access and lateral movement across compromised systems CISA urges timely ...

The proof-of-concept exploit is easy to execute, and could foretell wider targeting of the Fortinet vulnerability by attackers. Security researchers have released technical details and a ...