Hackers are exploiting two authentication bypass vulnerabilities in the Qinglong open-source task scheduling tool to deploy ...

Microsoft and the US Cybersecurity and Infrastructure Security Agency (CISA) warned that attackers are exploiting a ...

CISA orders urgent patching of a Windows Shell flaw actively exploited in zero-click attacks. Federal agencies must update by ...

CVE-2026-32202 actively exploited after April 27 advisory fix, exposing NTLMv2 hashes via zero-click SMB authentication.

Incomplete patch for a Windows SmartScreen and Windows Shell security prompts bypass created a new bug enabling zero-click ...

An OpenSSH vulnerability introduced 15 years ago could allow attackers to obtain full root shell access to vulnerable servers ...

PhantomCore exploited three TrueConf flaws since September 2025, enabling remote access and lateral movement across Russian ...

A new Mirai-based malware campaign is actively exploiting CVE-2025-29635, a high-severity command-injection vulnerability ...

New clnimg-init binary automates the transition to hardened production runtimes, allowing developers to keep their existing Dockerfiles, pipelines, and workflows intact while security teams get ...

AI's danger isn't that it's creating new bugs, it's that it's amplifying old ones. On March 10, 2026, Microsoft patched ...

description: Detects the creation of known powershell scripts for exploitation - https://github.com/BC-SECURITY/Invoke-ZeroLogon/blob/master/Invoke-ZeroLogon.ps1 ...

A single unauthenticated connection gives attackers a full shell; credential theft observed in under three minutes on honeypot servers.