SecurityWeek

Nation-State iOS Exploit Kit ‘Coruna’ Found Powering Global Attacks

Google and iVerify analysis reveals a powerful exploit kit originally used by Russian state actors that is now appearing in broader criminal campaigns. Multiple iOS exploits and five exploit chains ...
cybernews

GitHub bans vindictive security researcher dropping Windows zero-days: “I will make sure your bones are shattered”

GitHub has terminated the account of “Nightmare-Eclipse,” an anonymous rogue security researcher known for dropping critical unpatched Windows vulnerabilities since Microsoft left them “homeless with ...
IGN

Forza Horizon 6 Players Are Using Exploits to Farm Easy Credits and Unlock Every Car

Forza Horizon 6 players are exploiting certain parts of the game so that they can quickly and easily unlock every vehicle in the game. As spotted by GamesRadar, YouTuber XMBWesley posted a guide on ...
Variety

Watch New Trailer for Gregg Allman Documentary: ‘The Music of My Soul’ (EXCLUSIVE)

The story of Gregg Allman is one of the most triumphant and tragic in rock history, comprising the rise of the Allman Brothers Band he co-founded with his older brother Duane in the still-divided ...
Ars Technica

Google publishes exploit code threatening millions of Chromium users

Google on Wednesday published exploit code for an unfixed vulnerability in its Chromium browser codebase that threatens millions of people using Chrome, Microsoft Edge, and virtually all other ...
Microsoft

CVE-2026-31431: Copy Fail vulnerability enables Linux root privilege escalation across cloud environments

Microsoft Defender is investigating a high-severity local privilege escalation vulnerability (CVE-2026-31431) affecting multiple major Linux distributions including Red Hat, SUSE, Ubuntu, and AWS ...
Infosecurity-magazine.com

Verizon DBIR: Vulnerability Exploits Overtake Credentials as Top Access Vector

Vulnerability exploitation has overtaken compromised credentials for the first time in nearly two decades as the most common initial access vector for data breaches, according to Verizon. The tech ...
Windows Report

Microsoft Rushes to Mitigate Dangerous New “YellowKey” Windows Exploit

The newly exposed Windows security flaw, dubbed “YellowKey,” has become a major headache for Microsoft. After the exploit details leaked publicly alongside a working proof-of-concept, the company has ...
Forbes

Microsoft Confirms Active 0-Day Exploit—Check Emergency Mitigation

This voice experience is generated by AI. Learn more. This voice experience is generated by AI. Learn more. Microsoft confirms Exchange zero-day, CISA warns it's under active exploitation. Updated May ...
SecurityWeek

Researcher Drops MiniPlasma Windows Exploit for Unpatched 2020 CVE

A security researcher has released an exploit targeting a Windows vulnerability disclosed in 2020, warning that it might have never been patched. The flaw, tracked as CVE-2020-17103 (CVSS score of 7.0 ...
The Hacker News

MiniPlasma Windows 0-Day Enables SYSTEM Privilege Escalation on Fully Patched Systems

Chaotic Eclipse, the security researcher behind the recently disclosed Windows flaws, YellowKey and GreenPlasma, has released a proof-of-concept (PoC) for a Windows privilege escalation zero-day flaw ...