Analysis of a recent attack targeting VMware ESXi vulnerabilities from March 2025 revealed an exploit developed a year before ...

Chinese-speaking threat actors used a compromised SonicWall VPN appliance to deliver a VMware ESXi exploit toolkit that seems to have been developed more than a year before the targeted ...

In early 2016, the Federal Bureau of Investigation reportedly paid more than $1.3 million for a software flaw that allowed it ...

Threat actors are exploiting CVE-2026-0625, a critical zero-day vulnerability in discontinued D-Link devices for remote code execution (RCE).

A couple of other interesting bugs that Childs points out are these two, CVE-2026-20952 (CVSS 7.7) and CVE-2026-20953 (CVSS 7 ...

Researchers found Chinese-linked attackers abused SonicWall VPN access and VMware ESXi zero-day flaws to escape VMs and gain ...

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. Some weeks start better than others. If you are a member of an ...

Zero-day exploits are the ghosts in the machine, silent, invisible, and devastating when they finally make themselves known. Last week, Microsoft confirmed one of the most serious intrusions in recent ...

"The affected endpoint is also associated with unauthenticated DNS modification ("DNSChanger") behavior documented by D-Link, ...

CrushFTP, a service that provides users with secure file server software, has recently been targeted by hackers. Unfortunately, it seems as if some customers have been compromised, with thousands of ...

A sweeping cyber espionage campaign exploiting a newly discovered zero-day vulnerability in self-hosted Microsoft (MSFT) SharePoint servers compromised nearly 100 organizations, researchers at Eye ...

A zero-day exploit targeted Google Chrome users has been patched by Apple. Their latest updates target a variety of devices and operating systems. Image: MR/Adobe Stock Apple recently issued a round ...