Microsoft is warning Windows users that they're vulnerable to a new zero-day flaw that attackers have been exploiting to remotely execute arbitrary code. "At this time, we are aware of limited, ...

Microsoft released patches for CVE-2026-21509, a new Office zero-day vulnerability that can be exploited to bypass security ...

The company described the activity as an “extremely sophisticated attack” aimed at specific individuals. Although Apple did not identify the attackers or victims, the limited scope strongly suggests ...

SonicWall Wednesday disclosed a zero-day vulnerability impacting its SMA1000 access platform that is under active exploitation via chained attacks. CVE-2025-40602 is a medium-severity local privilege ...

Today, Fortinet released security updates to patch a new FortiWeb zero-day vulnerability that threat actors are actively exploiting in attacks. Tracked as CVE-2025-58034, this web application firewall ...

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. Following the recent confirmation that hackers exploited a ...

“There are no workarounds identified that directly mitigate the risk concerning this attack campaign,” is not what you want to read, having just been informed of a zero-day exploit concerning a Common ...

Only days after Fortinet was criticized by researchers for ‘silently’ patching a zero-day vulnerability without informing its customers, it has emerged that it did the same for a second zero-day that ...

Apple has released emergency security updates to fix two zero-day vulnerabilities that attackers actively exploited in highly targeted attacks. The company described the activity as an "extremely ...