Tech Times

Linux Kernel Root Exploit Published: DirtyClone Attack Leaves No Trace

Linux kernel privilege escalation exploit DirtyClone (CVE-2026-43503) is publicly documented: JFrog published a working attack walkthrough Thursday showing how any local user can gain root on ...
Tech Times

Cisco SD-WAN Zero-Day Exploit: Mandiant Reveals Malicious CSV Opened Root Shell

Cisco SD-WAN zero-day CVE-2026-20245 was exploited months before disclosure: Mandiant reveals how a malicious CSV file ...

New macOS ClickFix attack silently mounts DMGs to push infostealer

A new macOS ClickFix campaign is using Terminal commands to silently download, mount, and launch info-stealing malware from ...
OSTechNix

Nmap Commands Explained: The Complete Guide to Network Scanning

Learn essential Nmap commands for network scanning, port discovery, and OS detection. Complete guide with examples and a ...

Over 1 million WordPress sites at risk after popular plugins hacked

Three popular plugins served malicious JavaScript through a compromised CDN.
The Hacker News

New GreatXML Exploit Bypasses Windows BitLocker via Recovery Partition XML Files

Security researcher Chaotic Eclipse (aka Nightmare-Eclipse and MSNightmare) has released a new Windows BitLocker bypass dubbed GreatXML, a day after they published an exploit for Microsoft Defender.
theregister

Angry bug hunter with Microsoft beef drops new Windows 0-day

They are angry at Redmond and will have their revenge. Nightmare Eclipse, the prolific bug hunter and possibly disgruntled ex-Microsoft employee, disclosed another zero-day vulnerability just hours ...
b2b-cyber-security

BitLocker YellowKey: Another exploit against Microsoft's patch script

A new BitLocker exploit, codenamed "Bitskrieg," has been released, building upon the zero-day release of Chaotic Eclipse. According to reports, it bypasses Microsoft's existing countermeasures against ...
Bleeping Computer

Microsoft Defender 'RoguePlanet' zero-day grants SYSTEM privileges

Update: Added statement from Microsoft to the end of this article. A security researcher has released a new Microsoft Defender zero-day exploit named "RoguePlanet" just hours after Microsoft fixed two ...
crypto

Humanity Protocol says compromised admin keys led to $36M exploit

Humanity Protocol has disclosed that more than $36 million worth of H tokens have been stolen after attackers compromised multiple administrative keys and seized control of bridge infrastructure ...
Crypto Briefing

Humanity Protocol blames H token exploit on developer machine compromise

Humanity Protocol said the exploit that hit its H token late Monday was caused by a compromised developer machine that exposed several private keys tied to the project’s token and bridge ...
spotlightpa

2026 midterms poised to have less federal oversight as Trump admin defangs election watchdog

This article is made possible through Spotlight PA’s partnership with NOTUS, a nonpartisan news organization that covers government and politics with the fresh eyes of early career journalists and the ...