SecurityWeek

Researcher Drops MiniPlasma Windows Exploit for Unpatched 2020 CVE

The MiniPlasma exploit targets CVE-2020-17103, a Windows vulnerability that should have been patched in December 2020.

Exploit released for new PinTheft Arch Linux root escalation flaw

PinTheft, a recently patched Linux privilege escalation vulnerability, now has a publicly available proof-of-concept (PoC) ...

Microsoft shares mitigation for YellowKey Windows zero-day

Microsoft has shared mitigations for YellowKey, a recently disclosed Windows BitLocker zero-day vulnerability that grants ...
Windows Report

Microsoft Criticizes YellowKey PoC as Researcher Fires Back

The YellowKey BitLocker exploit release has triggered another public clash between Microsoft and Nightmare-Eclipse.

Privilege escalation in Linux: Local users can read foreign files

The vulnerability was known for years, fixed Thursday. Hours later, an exploit is available as the kernel team prepares countermeasures.
Hosted on MSN

Exploits now arrive 10 hours after a vulnerability is published — down from days just two years ago

When Ivanti disclosed critical flaws in its Connect Secure VPN gateway in January 2024, attackers had working exploits circulating within roughly 24 hours. By the time most IT teams scheduled a patch ...
Hosted on MSN

Google confirms first AI-assisted zero-day exploit attempt

First AI zero-day: Google reports the first known zero-day exploit developed with AI, targeting a 2FA bypass in an open-source admin tool. Attack disrupted: The planned mass exploitation was stopped ...