Threat actors began targeting a recently patched BeyondTrust vulnerability shortly after a proof-of-concept (PoC) exploit was released.

Attackers have not waited for Exploit Wednesday; the Microsoft Windows zero-day attacks have already started. Here’s what you need to know and do.

Also today, SAP released 27 new and updated security notes, including two that address critical-severity vulnerabilities.

CISA ordered federal agencies on Thursday to secure their systems against a critical Microsoft Configuration Manager vulnerability patched in October 2024 and now exploited in attacks.

Now Microsoft has confirmed three zero-day Windows security bypass vulnerabilities, users are warned to get their update groove on ASAP.

A critical pre-authentication remote code execution vulnerability in BeyondTrust Remote Support and Privileged Remote Access ...

Three of those zero-days are security feature bypass flaws, which give attackers a way to slip past built-in protections in ...

Microsoft patches 58 vulnerabilities, including six actively exploited zero-days across Windows, Office, and RDP, as CISA sets a March 3 deadline.

Microsoft has issued a critical alert regarding multiple zero-day vulnerabilities in Windows and Office, actively exploited ...

Warlock ransomware breached SmarterTools via unpatched SmarterMail, exploiting critical flaws to access Windows systems and deploy encryption payloads ...

Intel has partnered with Google to conduct a security review of its TDX technology, which led to the discovery of 5 vulnerabilities.

CVE-2026-21525 is a denial-of-service vulnerability affecting the Windows Remote Access Connection Manager. “Exploitation is local, requires no privileges, and does not rely on user interaction,” ...