The latest Microsoft Patch Tuesday rollout featured no zero-days. However, an angry hacker has just dropped two new 0-day exploits targeting Windows users.

Linux users have been bitten by yet another vulnerability that gives containers and untrusted users the ability to gain root access, marking the second time in as many weeks that a severe threat has caught defenders off guard.

In early 2025, Google’s Mandiant incident-response team documented something that upends a basic assumption of cybersecurity: in a growing number of cases, attackers are building working exploits for software vulnerabilities before the vendor has even shipped a fix.

Dirty Frag exposes Linux systems to root escalation through chained kernel flaws, impacting Ubuntu, RHEL, Fedora, and others.

Dirty Frag, a new local privilege escalation vulnerability affecting major Linux distributions, may already be exploited in the wild.

When Palo Alto Networks’ Unit 42 team published its 2024 Incident Response Report, one number stood out: attackers were exploiting newly disclosed software flaws in a median time of roughly 10 hours.

A security researcher frustrated with Microsoft has released the BlueHammer Windows zero-day exploit, telling the company, “I'm not explaining how this works.”