Security News

Overwrite arbitrary files? Load arbitrary code? As setuid root? Sure, why not! X.org, the X Window server used by various Linux and BSD operating systems, has – depending on its configuration – a...

A new zero-day vulnerability in Windows was made public on Twitter by the same researcher who published an exploit for a bug in the Windows Task Scheduler at the end of August. read more

A security researcher with Twitter alias SandboxEscaper—who two months ago publicly dropped a zero-day exploit for Microsoft Windows Task Scheduler—has yesterday released another proof-of-concept...

Kaspersky Lab security researchers have analyzed another exploit tool that was supposedly stolen from the National Security Agency-linked Equation Group. read more

Simple technique enables attackers to leverage Windows OS component to maintain stealth and persistence post system compromise.

Here’s one more reason to hurry with the implementation of the latest Microsoft patches: a PoC exploit for a remote code execution vulnerability that can be exploited via Microsoft Edge has been...

A threat actor was observed targeting Drupal vulnerabilities patched earlier this year to install a backdoor on compromised servers, IBM reports. read more

This is the second local privilege-escalation zero-day this APT group has exploited.

Suspect Allegedly Led Team of Self-Styled 'Master Italian Hackers'Memo to hackers: Boasting about your exploits on social media channels is a good way to get caught. Indeed, Italian police say...

A group of hackers believed to be operating out of China was observed using popular Microsoft Office exploits for the delivery of malware. read more