A zero-day exploit circulating online allows people with physical access to a Windows 11 system to bypass default BitLocker ...

Security researchers who analyzed attackers' exploit testing process concluded that exploits never go out of style. Many can remain popular and reliable tools over time, partly due to dependence on ...

A new exploit that prompted Adobe to release an emergency patch for Flash Player was used in targeted attacks that distributed malware designed to steal log-in credentials for email and other online ...

Hackers are actively exploiting a critical vulnerability in the Breeze Cache plugin for WordPress that allows uploading arbitrary files on the server without authentication. A critical vulnerability ...

Researchers said that a working exploit for CVE-2020-1938 leaked on GitHub makes is a snap to compromise webservers. A vulnerability in the popular Apache Tomcat web server is ripe for active attack, ...

The Fortra FileCatalyst Workflow is vulnerable to an SQL injection vulnerability that could allow remote unauthenticated attackers to create rogue admin users and manipulate data on the application ...

Microsoft has just rolled out an update fixing 66 security vulnerabilities as part of this month's Patch Tuesday. One of them addresses a critical zero-day vulnerability that's being actively ...

Researchers have exploited a weakness in a particular strain of the Black Basta ransomware to release a decryptor for the malware, but it doesn't recover all of the files encrypted by the prolific ...

The exploit takes advantage of a known file upload vulnerability that was not efficiently patched and can still be exploited in up-to-date versions of Cleo LexiCom, VLTrader and Harmony products.

U.S. CERT issued a brief warning on its Web site Monday stating that the organization was "aware of active exploitation using malicious Microsoft Access databases." The U.S. CERT is the operational ...