Dirty Frag, a critical Linux kernel zero-day vulnerability with no patch and giving hackers root, has gone public after an embargo was broken. Here’s the workaround.

A vulnerability tracked as CVE-2025-6965 has been entered into the National Vulnerability Database, the federal registry maintained by the National Institute of Standards and Technology that serves as ...

Microsoft has confirmed an emergency security update as CISA warns that two new Defender zero-days are being exploited by ...

Google says hackers used AI to help build a zero-day exploit targeting 2FA, raising concerns about AI-assisted hacking.

Update 10/6/25 11:15 AM ET: Updated story with more information on the leaked Oracle source code and the leaking of the exploit. Oracle is warning about a critical E-Business Suite zero-day ...

Microsoft is facing an onslaught of criticism from the cybersecurity community after the company said it would seek criminal prosecution against a disgruntled security researcher who published several ...

A new United Arab Emirates-based startup is offering up to $20 million for hacking tools that could help governments break into any smartphone with a text message. Apart from the highest bounty of $20 ...

A cybersecurity researcher has released a proof-of-concept exploit for a Windows privilege escalation zero-day dubbed "MiniPlasma" that lets attackers gain SYSTEM privileges on fully patched Windows ...

Chinese state hackers and spyware vendors are fueling a rise in zero-day attacks, which increasingly target enterprise software and devices — security and networking products in particular. Google ...

A critical Adobe Acrobat zero-day has been exploited for months via malicious PDFs to steal data and potentially take over systems, with no patch yet available. Attackers have been exploiting a ...