A security researcher claims Microsoft quietly fixed an Azure Backup for AKS vulnerability after rejecting his report, and ...

The Russian hacker group Secret Blizzard has developed its long-running Kazuar backdoor into a modular peer-to-peer (P2P) ...

During the second day of Pwn2Own Berlin 2026, competitors collected $385,750 in cash awards after exploiting 15 unique zero-day vulnerabilities in multiple products, including Windows 11, Microsoft ...

A critical vulnerability in the Funnel Builder plugin for WordPress is being actively exploited to inject malicious JavaScript snippets into WooCommerce checkout pages.

Stolen browser sessions and authentication tokens are becoming more valuable than stolen passwords. Flare explains how the ...

On Thursday, Microsoft shared mitigations for a high-severity Exchange Server vulnerability exploited in attacks that allow ...

Microsoft is updating the Edge web browser to ensure it no longer loads saved passwords into process memory in clear text at ...

Two vulnerabilities in the Avada Builder plugin for WordPress, with an estimated one million active installations, allow ...

Hackers have injected credential-stealing malware into newly published versions of node-ipc, a popular inter-process communication package, in a new supply chain attack targeting npm. The node-ipc ...

Cisco is warning that a critical Catalyst SD-WAN Controller authentication bypass flaw, tracked as CVE-2026-20182, was ...

Dell confirmed that its SupportAssist software is causing blue-screen crashes on some Windows systems following a wave of ...

Today is Microsoft's May 2026 Patch Tuesday, with security updates for 120 flaws and no zero-days disclosed this month.