ConsentFix and ClickFix attacks steal Microsoft 365 tokens in seconds using fake prompts and OAuth flows. Learn how these MFA ...
Bad actors are exploiting multiple security vulnerabilities in Fortinet FortiSandbox, according to threat intelligence firm Defused Cyber. CVE-2026-39813 (CVSS score: 9.1) refers to a path traversal ...
Security researcher Nightmare Eclipse has released a new Windows BitLocker bypass, only one day after publishing an exploit targeting Microsoft Defender. Named GreatXML, the fresh exploit allows users ...
Exploiting a race condition in Microsoft Defender, the exploit leads to local privilege escalation to SYSTEM. A security researcher has released another zero-day exploit targeting Microsoft’s Windows ...
The anonymous security researcher going by the name Chaotic Eclipse (aka Nightmare-Eclipse) has released a proof-of-concept (PoC) exploit for yet another Microsoft Defender zero-day named RoguePlanet.
Fuzzing: Brute Force Vulnerability Discovery by Michael Sutton, Adam Greene, Pedram Amini. Fuzzing for Software Security Testing and Quality Assurance by Ari Takanen, Charles Miller, Jared D Demott ...
A new denial-of-service (DoS) attack dubbed HTTP/2 Bomb can be launched from a single machine to take down web servers within seconds. The technique works on default HTTP/2 configurations of major web ...