Want smarter insights in your inbox? Sign up for our weekly newsletters to get only what matters to enterprise AI, data, and security leaders. Subscribe Now Unpatched systems are a ticking time bomb.

Attackers have not waited for Exploit Wednesday; the Microsoft Windows zero-day attacks have already started. Here’s what you need to know and do.

The disclosure of a new exploit technique that bypasses an important Windows security feature may result in more successful attacks against Microsoft's newer operating systems, researchers said today.

State-sponsored APTs from North Korea, Iran, Russia, and China are targeting victims using a Windows shortcut file exploit, according to new research from Trend Micro’s Zero Day Initiative (ZDI). In ...

Patch Tuesday has passed, and we are now left with what is colloquially known in cybersecurity circles as Exploit Wednesday. This month, that could be more problematic for Windows users than usual as ...

Attackers are already actively exploiting two vulnerabilities for which Microsoft issued patches on Nov. 12 as part of its monthly security update. And they could soon begin targeting two other ...

The security advisory gave out few details of the vulnerability, only saying that it was a flaw in the RPC (Remote Procedure Call) component, and could result in a denial-of-service attack that would ...

Hackers are now exploiting the zero-day Windows vulnerability that a Google engineer took public last week, Microsoft confirmed today. Although Microsoft did not share details of the attack, other ...

Ransomware operators have found a way to exploit a Microsoft Windows-signed driver from Paragon Partition Manager, posing a threat to system security. This allows attackers to deploy the driver with ...

North Korean hackers have exploited a recently patched Google Chrome zero-day (CVE-2024-7971) to deploy the FudModule rootkit after gaining SYSTEM privileges using a Windows Kernel exploit. "We assess ...

TL;DR: WinRAR has a critical security vulnerability (CVE-2025-6218) allowing remote code execution via directory traversal in Windows versions. This exploit risks sensitive data and system integrity.