A new exploit kit for iOS devices and delivery framework dubbed "Darksword" has been used to steal a wide range of personal information, including data from cryptocurrency wallet app.

The Interlock ransomware gang has been exploiting a maximum severity remote code execution (RCE) vulnerability in Cisco's ...

A Windows Remote Desktop exploit is reportedly being sold on the dark web for $220,000, but Microsoft already patched the flaw.

Sysdig cited figures from the Zero Day Clock initiative which revealed that median time-to-exploit (TTE) collapsed from 771 ...

Veeam fixes 7 Backup & Replication flaws, including CVSS 9.9 RCE bugs, warning attackers may exploit unpatched systems.

Microsoft releases an out-of-band hotpatch for critical Windows 11 RRAS vulnerabilities that could allow remote code ...

The DarkSword iOS exploit chain was used by the Russian APT behind the Coruna exploit in attacks targeting Ukraine.

A sophisticated iOS exploit chain leverages multiple zero-day vulnerabilities and is targeting users in Saudi Arabia, Turkey, Malaysia, and Ukraine.

Interlock ransomware is actively exploiting CVE-2026-20131 (CVSS 10.0) in Cisco FMC, enabling unauthenticated remote code execution as root.

Azure Monitor is abused to send phishing emails from real Microsoft addresses, bypassing SPF, DKIM, and DMARC checks.

Attackers can execute arbitrary code without authentication if Oracle's Identity or Web Services Managers are exposed to the Web.

Because attacker-supplied flow data is used in public flows, the bug leads to unauthenticated remote code execution.