Root Evidence, the cybersecurity startup championing evidence-based security, today released new research showing that the ...

When Ivanti disclosed critical flaws in its Connect Secure VPN gateway in January 2024, attackers had working exploits ...

The $10 million THORChain exploit was caused by a vulnerability in its GG20 signing framework, which allowed the hacker to ...

A security incident has affected StakeDAO’s infrastructure on Arbitrum, with researchers identifying abnormal activity tied ...

Microsoft has disclosed that a privilege escalation and a denial-of-service flaw in Defender has come under active ...

CISA added two exploited bugs to KEV, forcing federal agencies to patch Langflow and Apex One flaws by June 4, 2026.

Linux users have been bitten by yet another vulnerability that gives containers and untrusted users the ability to gain root access, marking the second time in as many weeks that a severe threat has ...

Google on Wednesday published exploit code for an unfixed vulnerability in its Chromium browser codebase that threatens millions of people using Chrome, Microsoft Edge, and virtually all other ...

PoC code has been released for DirtyDecrypt, a recently patched Linux kernel vulnerability allowing privilege escalation to ...

Vulnerability exploitation has overtaken compromised credentials for the first time in nearly two decades as the most common ...

A 27-year-old bug sat inside OpenBSD’s TCP stack while auditors reviewed the code, fuzzers ran against it, and the operating system earned its reputation as one of the most security-hardened platforms ...

Two healthcare organizations in the UK are said to be among the victims of a malicious campaign involving the exploitation of a vulnerability linked to cybersecurity hardware provider Ivanti.