Microsoft released patches for CVE-2026-21509, a new Office zero-day vulnerability that can be exploited to bypass security features.

SolarWinds has patched critical Web Help Desk vulnerabilities leading to unauthenticated RCE or authentication bypass.

QNAP warned customers to patch a critical ASP.NET Core vulnerability that also impacts the company's NetBak PC Agent, a Windows utility for backing& up data to a QNAP network-attached storage (NAS) ...

Fortinet confirms active exploitation of a FortiCloud SSO authentication bypass affecting fully patched FortiGate devices via SAML abuse.

Microsoft forced to issue an emergency patch to fix an Office zero-day being actively exploited.

Unlike traditional attacks that rely on exploits, this succeeds through social engineering combined with abuse of Windows' own security architecture.

Active malware exploits DLL side-loading in a signed GitKraken binary to deliver trojans, stealers, and remote access malware.

A growing number of Windows laptops feature fingerprint sensors with support for Microsoft’s Windows Hello technology. The idea is to let users login quickly by tapping a finger against the sensor ...

Days after admins began reporting that their fully patched firewalls are being hacked, Fortinet confirmed it's working to ...

Microsoft's scheduled Patch Tuesday security update for February includes fixes for two zero-day security vulnerabilities under active attack, plus 71 other flaws across a wide range of its products.

Nearly half (49%) of C-level executives have requested to bypass one or more security measures in the past year, highlighting a concerning disparity between what business leaders say about cyber and ...