Hackers are exploiting two authentication bypass vulnerabilities in the Qinglong open-source task scheduling tool to deploy ...

Wiz discovered a critical remote code execution vulnerability in GitHub that exposed millions of repositories.

Security firm Arctic Wolf has uncovered a sophisticated BlueNoroff campaign targeting North American Web3 and cryptocurrency companies using fake Zoom meetings. The attackers created convincing video ...

CVE-2026-3854 (CVSS 8.7) enabled GitHub RCE via git push, risking cross-tenant access to millions of repositories.

A new Mirai-based malware campaign is actively exploiting CVE-2025-29635, a high-severity command-injection vulnerability ...

Three proof-of-concept exploits are being used in active attacks against Microsoft's built-in security platform; two are ...

A single unauthenticated connection gives attackers a full shell; credential theft observed in under three minutes on honeypot servers.

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. This voice experience is generated by AI. Learn more. This ...

PCWorld reports on the ‘BlueHammer’ zero-day vulnerability that allows attackers to potentially take over Windows computers through privilege escalation. A frustrated security researcher published the ...

Microsoft is dealing with a newly disclosed zero-day vulnerability in Windows that could allow attackers to gain full system control, with no official fix available yet. The flaw, called BlueHammer, ...

It’s a case of search-engine failure. Google has issued a security alert to Chrome users after confirming that cybercriminals had exploited a vulnerable system, marking the second such advisory in ...

Drift Protocol initiated onchain contact with wallets tied to the $280 million exploit as an unknown sender also attempts to pressure the attacker. Drift Protocol, a Solana-based decentralized ...