A disgruntled researcher has released a third wave of Windows zero-day exploits, including a BitLocker encryption bypass (Yellow Key) and a privilege escalation vulnerability (GreenPlasma)

On the first day of Pwn2Own Ireland, participants demonstrated 52 zero-day vulnerabilities across a range of devices, earning a total of $486,250 in cash prizes. Viettel Cyber Security took an early lead getting 13 points in their chase for the "Master of ...

As computers and software become increasingly sophisticated, hackers need to rapidly adapt to the latest developments and devise new strategies to plan and execute cyberattacks. One common strategy to maliciously infiltrate computer systems is known as ...

Critics of spyware and exploit sellers have long warned that the advanced hacking sold by commercial surveillance vendors (CSVs) represents a worldwide danger because they inevitably find their way into the hands of malicious parties, even when the CSVs ...

It’s a case of search-engine failure. Google has issued a security alert to Chrome users after confirming that cybercriminals had exploited a vulnerable system, marking the second such advisory in days. Dubbed CVE-2026-5281, this stealth bug is zero-day ...

On April 2, 2026, a security researcher using the name Chaotic Eclipse published a blog post stating that they were "doing it again." Under this warning, a link to a GitHub account page for a user named "Nightmare Eclipse" containing an exploit known as ...

The same connectivity that made Anthropic's Model Context Protocol (MCP) the fastest-adopted AI integration standard in 2025 has created enterprise cybersecurity's most dangerous blind spot. The design premise for MCP began with a commendable goal of ...

It's not clear how many people were compromised by this hacking campaign, but a security researcher said the hackers were targeting victims since at least November 2025.