Two Windows vulnerabilities—one a zero-day that has been known to attackers since 2017 and the other a critical flaw that Microsoft initially tried and failed to patch recently—are under active ...

An "authorized attacker" could exploit this weakness to gain elevated privileges, potentially reaching SYSTEM-level access.

UNC6384 is a Chinese-linked cyber espionage group identified by Google’s Threat Intelligence Group (GTIG) in August 2025. The ...

A new update for most newer versions of the Mac OS X operating system is available from Apple. The new update fixes flaws in Apache 2, AppKit, Bluetooth, CoreFoundation, CUPS, Directory Services, ...

UNC6384, a China-linked threat actor, has been targeting European diplomatic entities in Hungary and Belgium in a cyber-espionage campaign since September. The group incorporated the exploitation of ...

Released earlier this week, the exploit code - which has been crafted to run not only on attackers' Windows machines, but also on Linux and Unix boxes -crashes Windows systems not patched against a ...

Immunity, a security and consulting firm, said earlier this week that it had published a working exploit for the VML (Vector Markup Language) vulnerability within three hours of Microsoft announcing ...

The availability of an exploit that takes advantage of a critical vulnerability in Microsoft Corp.’s Windows 2000 software just a day after the flaw was disclosed is fueling concerns of another ...

As Microsoft recommends that users focus first on installing the MS09-065 patch released Tuesday, experts are agreeing with that advice because exploit code for remote execution appears to be right ...

Less than 24 hours after Microsoft said it couldn't patch Windows to fix a systemic problem, attack code appeared Tuesday to exploit the company's software. Also on Tuesday, a security firm that's ...