Security News

Zerodium, the infamous exploit vendor that earlier this year offered $1 million for submitting a zero-day exploit for Tor Browser, today publicly revealed a critical zero-day flaw in the anonymous...

The PowerPool gang launched its attack just two days after the zero-day in the Windows Task Scheduler was disclosed.

Don't wait for Patch Tuesday – check out these mitigations The Windows APLC security hole that emerged early last week remains unpatched, even though it is being actively exploited by hackers to...

A threat group tracked by security firm ESET as “PowerPool” has been exploiting a Windows zero-day vulnerability to elevate the privileges of a backdoor in targeted attacks. read more

Earlier this week a security researcher that goes by “SandboxEscaper” published details and a PoC exploit for a zero-day local privilege escalation vulnerability affecting Windows. Microsoft has,...

A patch is available for a read more

Exploit Code Published After Disclosure Process Appears to Have Gone SidewaysMicrosoft appears set to patch a zero-day local privilege escalation vulnerability after a research published...

A Windows task scheduler API function does not check permissions - so any potential local bad actor can alter them to gain elevated privileges.

A Windows zero-day local privilege escalation flaw and a Proof-of-Concept exploit for it have been revealed on Monday by someone who goes by SandboxEscaper on Twitter. The user in question deleted...

There is no known workaround for the security flaw.