Hackers collect $439,250 after exploiting 29 zero-day vulnerabilities on the second day of Pwn2Own Automotive 2026.

Cisco fixes actively exploited CVE-2026-20045 zero-day enabling unauthenticated RCE in Unified CM and Webex; CISA sets Feb 11, 2026 deadline.

Cisco has fixed a critical Unified Communications and Webex Calling remote code execution vulnerability, tracked as ...

Analysis of a recent attack targeting VMware ESXi vulnerabilities from March 2025 revealed an exploit developed a year before ...

In early 2016, the Federal Bureau of Investigation reportedly paid more than $1.3 million for a software flaw that allowed it ...

Threat actors are exploiting CVE-2026-0625, a critical zero-day vulnerability in discontinued D-Link devices for remote code execution (RCE).

Zero-day attacks have become a significant concern in the realm of cybersecurity, posing a formidable challenge to individuals and organizations alike. These attacks exploit vulnerabilities that are ...

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. Some weeks start better than others. If you are a member of an ...

Ransomware actors have been observed exploiting a zero-day Bring Your Own Vulnerable Driver (BYOVD) flaw in Paragon Partition Manager. The CERT Coordination Center (CERT/CC) issued a security update ...

Researchers found Chinese-linked attackers abused SonicWall VPN access and VMware ESXi zero-day flaws to escape VMs and gain ...

Zero-day exploits are the ghosts in the machine, silent, invisible, and devastating when they finally make themselves known. Last week, Microsoft confirmed one of the most serious intrusions in recent ...

A sweeping cyber espionage campaign exploiting a newly discovered zero-day vulnerability in self-hosted Microsoft (MSFT) SharePoint servers compromised nearly 100 organizations, researchers at Eye ...