Exploit code has been released for an unpatched Windows privilege escalation flaw reported privately to Microsoft, allowing attackers to gain SYSTEM or elevated administrator permissions. Dubbed ...

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. This voice experience is generated by AI. Learn more. This ...

A global cross-industry credential theft campaign is exploiting public-facing Web applications vulnerable to React2Shell and then deploying an automated collection tool to steal credentials and other ...

Drift Protocol initiated onchain contact with wallets tied to the $280 million exploit as an unknown sender also attempts to pressure the attacker. Drift Protocol, a Solana-based decentralized ...

PCWorld reports on the ‘BlueHammer’ zero-day vulnerability that allows attackers to potentially take over Windows computers through privilege escalation. A frustrated security researcher published the ...

A simple prompt sent Claude Code on a mission that uncovered major security vulnerabilities in popular text editors — and then suggested ways to exploit them. Developers can spend days using fuzzing ...

A threat researcher estimates the exploit could reach $200 million and may be linked to a compromised private key. Drift Protocol, a decentralized cryptocurrency exchange (DEX), detected unusual ...

Apple Issues Rare Patch: Up to 270M iPhones Could Be Vulnerable to ‘DarkSword’ Exploit Your email has been sent In a rare move, Apple is rewriting its own security playbook to stop a fast-spreading ...

Hackers are running a large-scale campaign to steal credentials in an automated way after exploiting React2Shell (CVE-2025-55182) in vulnerable Next.js apps. At least 766 hosts across various cloud ...

A disgruntled security researcher has made good on a threat. A security researcher going by the aliases Chaotic Eclipse and Nightmare-Eclipse published exploit code for a Windows privilege escalation ...

This voice experience is generated by AI. Learn more. This voice experience is generated by AI. Learn more. An autonomous agent found, analyzed and exploited a FreeBSD kernel vulnerability in four ...