GreatXML, a new Windows BitLocker bypass exploit, targets a zero-day vulnerability in Microsoft Defender’s offline scan.

TL;DR: WinRAR has a critical security vulnerability (CVE-2025-6218) allowing remote code execution via directory traversal in Windows versions. This exploit risks sensitive data and system integrity.

In late May 2023, a critical flaw in the MOVEit file-transfer platform was publicly disclosed. Within hours, the Cl0p ransomware group had a working exploit and was already stealing data from hundreds ...

Two different exploits for an unpatched Parallels Desktop privilege elevation vulnerability have been publicly disclosed, allowing users to gain root access on impacted Mac devices. Parallels Desktop ...

Its inclusion in the US CISA catalog of known exploited vulnerabilities is a warning to admins that patching is needed now.

Oracle has silently fixed an Oracle E-Business Suite vulnerability (CVE-2025-61884) that was actively exploited to breach servers, with a proof-of-concept exploit publicly leaked by the ShinyHunters ...

Criminals have been spotted exploiting a new zero-day vulnerability in Gladinet CentreStack and Triofox file sharing servers that could allow them to re-create the conditions of an earlier flaw ...

Google on Wednesday published exploit code for an unfixed vulnerability in its Chromium browser codebase that threatens millions of people using Chrome, Microsoft Edge, and virtually all other ...