Cordyceps, a systemic class of exploitable CI/CD vulnerabilities, allows unauthenticated attackers to hijack developer ...

📖 Docs site: https://crashoz.github.io/mcp-exploit-tools/ — the exploit write-ups, rendered. A minimal, low-level MCP server with zero third-party dependencies ...

The zero-day "nightmare" apparently isn't over for Microsoft, as a disgruntled researcher who's been feuding with the company for the past three months has dropped yet another proof-of-concept (PoC) ...

Exploiting a race condition in Microsoft Defender, the exploit leads to local privilege escalation to SYSTEM. A security researcher has released another zero-day exploit targeting Microsoft’s Windows ...

Nightmare Eclipse is back: the anonymous researcher has released another Windows zero-day, this time dubbed RoguePlanet, targeting Microsoft Defender on fully patched Windows 10 and 11 systems and ...

The anonymous security researcher going by the name Chaotic Eclipse (aka Nightmare-Eclipse) has released a proof-of-concept (PoC) exploit for yet another Microsoft Defender zero-day named RoguePlanet.

Update: Added statement from Microsoft to the end of this article. A security researcher has released a new Microsoft Defender zero-day exploit named "RoguePlanet" just hours after Microsoft fixed two ...

A tiny Linux kernel mistake is now a serious local-root risk for systems that have not been updated. CVE-2026-23111 affects nf_tables, the kernel subsystem behind nftables, and public exploit ...

University of Toronto researchers demonstrate how open-weight local LLMs can be used to autonomously exploit flaws and misconfigurations typical found in most enterprise networks, feeding off abused ...