Still using Windows 10? You're a prime target for ransomware now - unless you do this

ZDNET's key takeaways Millions of computers globally are still running Windows 10.Attackers are ready, willing, and able to ...
Security Boulevard

Best of 2025: LDAPNightmare: SafeBreach Labs Publishes First Proof-of-Concept Exploit for CVE-2024-49112

SafeBreach researchers developed a zero-click PoC exploit that crashes unpatched Windows Servers using the Windows ...

Microsoft RasMan DoS 0-day gets unofficial patch - and a working exploit

A Microsoft zero-day vulnerability that allows an unprivileged user to crash the Windows Remote Access Connection Manager ...

Fake Windows update pushes malware in new ClickFix attack

The ClickFix campaign disguises malware as legitimate Windows updates, using steganography to hide shellcode in PNG files and ...
Bleeping Computer

Researchers Port NSA EternalBlue Exploit to Windows 10

Experts at RiskSense have ported the leaked NSA exploit named ETERNALBLUE for the Windows 10 platform. This is the same exploit that was used by the WannaCry ransomware as part of its SMB ...
ZDNet

Windows SMB2 exploit now public; Expect in-the-wild attacks soon

Fully functional exploit code for the (still unpatched) Windows SMB v2 vulnerability has been released to the public domain via the freely available Metasploit point-and-click attack tool, raising the ...
Threat Post

Windows PoC Exploit Released for Wormable RCE

The exploit pries open CVE-2021-31166, a bug with a CVSS score of 9.8 that was the baddest of the bad in Microsoft’s Patch Tuesday release last week. Microsoft discovered the flaw internally, ...
ZDNet

Microsoft Windows zero-day exploit hits the market with $90,000 price tag

Russian hackers are selling a zero-day vulnerability for $90,000 which allegedly works against many different evolutions of the Microsoft Windows operating system. The exploit is on sale in the ...
Ars Technica

Exploit for wormable BlueKeep Windows bug released into the wild

For months, security practitioners have worried about the public release of attack code exploiting BlueKeep, the critical vulnerability in older versions of Microsoft Windows that’s “wormable,” ...
Ars Technica

Microsoft patches 3 Windows 0-days under active exploit

Microsoft has patched three actively exploited vulnerabilities that allow attackers to execute malicious code or elevate system privileges on devices that run Windows. Two of the security ...
Forbes

Windows ‘BlueKeep’ Attack That U.S. Government Warned About Is Happening Right Now

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. This article is more than 6 years old. Microsoft, the NSA and ...
PC World

Windows Shortcut Exploit: What You Need to Know

Microsoft released Security Advisory 2286198 late last week to address a newly-discovered zero-day flaw that can be exploited simply by clicking a shortcut icon. However, that original guidance is ...