604 article(s)
The BlueHammer Windows zero-day exploit, leaked after a researcher’s frustration with Microsoft’s slow response, exposes deep problems in the company’s vulnerability disclosure process and leaves millions of systems at risk.
CISA has added another critical zero-day in Ivanti EPMM to its exploited vulnerabilities catalog, prompting urgent federal action after months of rampant attacks. Here's what you need to know about the flaw, the delayed response, and the new patch.
A critical zero-day vulnerability in Adobe Reader is being exploited with malicious PDFs targeting Russian oil and gas sectors. The attack requires no user interaction beyond opening the file, allowing hackers to steal data and potentially launch more severe attacks. No fix is available yet, so users must exercise extreme caution.
Public proof-of-concept code for Apache ActiveMQ vulnerabilities has surfaced, exposing thousands of enterprise systems to potential attack. Security experts warn of immediate risks and urge swift action to patch affected servers.
A newly discovered zero-day in Adobe Reader has been exploited via malicious PDFs since December 2025. Attackers use social engineering and advanced code to steal data and potentially take over systems.
A newly discovered zero-day vulnerability in Adobe Reader has been actively exploited by hackers using weaponized PDFs since December, enabling data theft and potential full system compromise. Users are urged to stay vigilant until Adobe releases a fix.
File Browser, a popular open-source file management tool, faces two severe vulnerabilities with public proof-of-concept exploits. Attackers can now bypass authentication or escalate privileges on unpatched servers. Users are urged to update immediately.
A critical zero-click vulnerability in Ivanti EPMM is under active exploitation, prompting CISA to issue urgent directives for both federal agencies and private organizations to patch immediately.
A sophisticated zero-day vulnerability in Adobe Reader has been exploited since at least November 2025, enabling attackers to harvest user data and potentially gain remote control. The exploit, discovered by researcher Haifei Li, evaded detection for months and uses Russian-language lures. Adobe is investigating as cybersecurity experts work to unravel the full attack chain.
A newly discovered remote code execution bug in Apache ActiveMQ Classic, hidden for 13 years, has exposed countless enterprise systems to potential attacks. Learn how AI helped uncover this silent threat and what it means for legacy software security.