Infosecurity Magazine

Microsoft Fixes Six Zero Day Vulnerability in February Patch Tuesday

CVE-2026-21525 is a denial-of-service vulnerability affecting the Windows Remote Access Connection Manager. “Exploitation is local, requires no privileges, and does not rely on user interaction,” ...
Forbes

CVE Program Funding Reinstated—What It Means And What To Do Next

Forbes contributors publish independent expert analyses and insights. Kate O’Flaherty is a cybersecurity and privacy journalist. U.S. President Donald Trump has cut funding for the global database of ...
Cybernews

CISA flags six actively exploited Microsoft zero-days

CISA adds six Microsoft zero-days to its KEV catalog, confirming active exploitation. The flaws include security bypass bugs and a Remote Desktop privilege escalation issue.
Infosecurity-magazine.com

Navigating the Vulnerability Maze: Understanding CVE, CWE, and CVSS

The Forum of Incident Response and Security Teams (FIRST) officially launched the fourth version of the Common Vulnerability Scoring System (CVSS 4.0), in November 2023. CVSS 4.0, the industry ...
Ars Technica

Incomplete disclosures by Apple and Google create “huge blindspot” for 0-day hunters

Incomplete information included in recent disclosures by Apple and Google reporting critical zero-day vulnerabilities under active exploitation in their products has created a “huge blindspot” that’s ...

Update Your iPhone Now! Apple Issues Urgent Upgrade To iOS 26.3, Fixes 39 Hacking Vulnerabilites

Apple has rolled out iOS 26.3, urging all compatible iPhone users to install the update immediately. This latest software ...