Lucene search
+L

980 matches found

thn
thn
added yesterday11 views

Researcher Drops New Windows Zero-Day PoC Hours After Microsoft Patch Tuesday

Security researcher Chaotic Eclipse aka Nightmare-Eclipse has released a new proof-of-concept PoC exploit called LegacyHive. It has been described as a Windows User Profile Service arbitrary hive load elevation of privileges vulnerability. The Windows User Profile Service, also referred to as...

9.8CVSS7.2AI score0.07047EPSS
Exploits0
qualysblog
qualysblog
added 2 days ago12 views

Microsoft and Adobe Patch Tuesday, July 2026 Security Update Review

Microsoft's July 2026 Patch Tuesday delivers security updates for a broad range of products and services, including several vulnerabilities that pose significant risks to enterprise environments. As attackers continue to target unpatched systems, the timely deployment of these updates remains one...

9.8CVSS7.5AI score0.1972EPSS
Exploits1
talosblog
talosblog
added 2 days ago5 views

Microsoft Patch Tuesday for July 2026 — Snort rules and prominent vulnerabilities

Microsoft has released its monthly security update for July 2026, which includes 622 vulnerabilities affecting a range of products, including 57 that Microsoft marked as "critical." Microsoft notes that two of the vulnerabilities disclosed this month have been exploited in the wild. CVE-2026-5615...

9.9CVSS7.6AI score0.1972EPSS
Exploits1
malwarebytes
malwarebytes
added 2026/06/15 7:1 a.m.26 views

A week in security (June 8 – June 14)

Last week on Malwarebytes Labs: Stolen iPhones could soon be worth a lot less to thieves Fake verification pages are stealing Steam accounts from players Google can be liable for false AI Overviews, court rules VRChat says reported data breach never happened Children’s phones must block nude imag...

5.4AI score
Exploits0
wired
wired
added 2026/06/13 10:30 a.m.24 views

The FCC Wants to Kill Burner Phones

Plus: AI bug hunting fuels Microsoft’s biggest-ever Patch Tuesday, ShinyHunters ransomware gang exploits an Oracle zero-day, and more...

5.3AI score
Exploits0
malwarebytes
malwarebytes
added 2026/06/10 12:43 p.m.10 views

Microsoft’s biggest-ever Patch Tuesday fixes 206 bugs, including 3 zero-days

This month’s Patch Tuesday fixes 206 security flaws in Microsoft software, making it the biggest Patch Tuesday release ever. The update includes 32 critical vulnerabilities, as well as three publicly disclosed zero-days. Microsoft classifies these as zero-days because information about the...

7.8CVSS6.1AI score0.48438EPSS
Exploits2
hackread
hackread
added 2026/06/10 9:20 a.m.18 views

Microsoft June 2026 Patch Tuesday Fixes 206 Flaws and 3 Zero-Days

Microsoft’s June 2026 patch Tuesday resolves 206 vulnerabilities, including 3 critical zero-days and severe 9.8 CVSS kernel, network and HTTP.sys flaws...

5.5AI score
Exploits0
thn
thn
added 2026/06/10 5:22 a.m.119 views

Microsoft Defender RoguePlanet Zero-Day Grants SYSTEM Access on Updated Windows

The anonymous security researcher going by the name Chaotic Eclipse aka Nightmare-Eclipse has released a proof-of-concept PoC exploit for yet another Microsoft Defender zero-day named RoguePlanet. "The exploit is a race condition, so it's a hit or miss," the researcher, who published the exploit...

7.8CVSS6.4AI score0.08371EPSS
Exploits2
krebs
krebs
added 2026/06/09 10:7 p.m.17 views

A Record-Breaking Patch Tuesday for June 2026

Microsoft today released software updates to plug nearly 200 security holes across its Windows operating systems and supported software, a record number of fixes for the company's monthly Patch Tuesday cycle. Nearly three dozen of those bugs earned Microsoft's most dire "critical" rating, and...

7.5CVSS6.1AI score0.48438EPSS
Exploits2
talosblog
talosblog
added 2026/06/09 9:21 p.m.15 views

Microsoft Patch Tuesday for June 2026 — Snort rules and prominent vulnerabilities

Microsoft has released its monthly security update for June 2026, which includes 206 vulnerabilities affecting a range of products, including 32 that Microsoft marked as "critical". Out of 32 "critical" entries, 28 are remote code execution RCE vulnerabilities in Microsoft Windows services and...

9.8CVSS8.3AI score0.21506EPSS
Exploits1
rapid7blog
rapid7blog
added 2026/06/09 9:4 p.m.26 views

Patch Tuesday - June 2026

Microsoft is publishing 200 vulnerabilities on June 2026 Patch Tuesday. Microsoft is not aware of exploitation in the wild for any of these vulnerabilities, and is aware of public disclosure for three. This is similar to last month’s Patch Tuesday, however several of last month’s vulnerabilities...

8.4CVSS6.2AI score0.00814EPSS
Exploits0
malwarebytes
malwarebytes
added 2026/05/18 7:2 a.m.17 views

A week in security (May 11 – May 17)

Last week on Malwarebytes Labs: Attackers replaced JDownloader installer downloads with malware Meta’s confusing new approach to chat privacy Why Malwarebytes blocks some Yahoo Mail redirects Fake Claude search results lure Mac users into ClickFix attack Deepfake sextortion forces schools to remo...

5.8AI score
Exploits0
malwarebytes
malwarebytes
added 2026/05/13 11:0 a.m.19 views

May 2026 Patch Tuesday: no zero-days but plenty to fix

This month’s Patch Tuesday remedies 137 security vulnerabilities, including 31 marked critical by Microsoft, with no zero-days actively exploited in the wild. Microsoft defines a zero-day as “a flaw in software for which no official patch or security update is available yet.” This month, Microsof...

8.4CVSS7AI score0.00605EPSS
Exploits0
krebs
krebs
added 2026/05/12 9:46 p.m.34 views

Patch Tuesday, May 2026 Edition

Artificial intelligence platforms may be just as susceptible to social engineering as human beings, but they are proving remarkably good at finding security vulnerabilities in human-made computer code. That reality is on full display this month with some of the more widely-used software makers --...

9.8CVSS6.3AI score0.72253EPSS
Exploits36
talosblog
talosblog
added 2026/05/12 7:57 p.m.18 views

Microsoft Patch Tuesday for May 2026 — Snort rules and prominent vulnerabilities

By Jaeson Schultz Microsoft has released its monthly security update for May 2026, which includes 137 vulnerabilities affecting a range of products, including 31 that Microsoft marked as "critical". In this month's release, Microsoft has not observed any of the included vulnerabilities being...

9.9CVSS6.8AI score0.72253EPSS
Exploits40
qualysblog
qualysblog
added 2026/05/12 7:50 p.m.13 views

Microsoft and Adobe Patch Tuesday, May 2026 Security Update Review

May 2026's Patch Tuesday arrives with Microsoft addressing a fresh set of vulnerabilities across its ecosystem, reinforcing the ongoing need for timely patching in an increasingly threat-heavy landscape. Here's a quick breakdown of what you need to know. Microsoft Patch Tuesday for May 2026 This...

10CVSS6.8AI score0.72253EPSS
Exploits36
msrc
msrc
added 2026/05/12 12:0 a.m.10 views

A note on this month's Patch Tuesday

Each Patch Tuesday looks a little different. Some months are quieter, others are larger. This month's release sits on the larger side of a hotpatch month, and we expect releases to continue trending larger for some time. Every update reflects investments we have made across the development...

5.8AI score
Exploits0
avleonov
avleonov
added 2026/04/28 6:0 p.m.14 views

April "In the Trend of VM" (#26): one Microsoft SharePoint vulnerability

April "In the Trend of VM" 26: one Microsoft SharePoint vulnerability. Presenting the traditional monthly roundup of trending vulnerabilities according to Positive Technologies. Once again, it is single-vendor, Microsoft-related, and this time it could not be more compact. While the previous Marc...

9.8CVSS5.8AI score0.2943EPSS
Exploits0
thn
thn
added 2026/04/28 5:50 a.m.22 views

Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202

Microsoft on Monday revised its advisory for a now-patched, high-severity security flaw impacting Windows Shell to acknowledge that it has been actively exploited in the wild. The vulnerability in question is CVE-2026-32202 CVSS score: 4.3, a spoofing vulnerability that could allow an attacker to...

8.8CVSS7.4AI score0.64095EPSS
Exploits5
thn
thn
added 2026/04/15 12:37 p.m.14 views

April Patch Tuesday Fixes Critical Flaws Across SAP, Adobe, Microsoft, Fortinet, and More

A number of critical vulnerabilities impacting products from Adobe, Fortinet, Microsoft, and SAP have taken center stage in April's Patch Tuesday releases. Topping the list is an SQL injection vulnerability impacting SAP Business Planning and Consolidation and SAP Business Warehouse CVE-2026-2768...

9.9CVSS6.8AI score0.48668EPSS
Exploits12
Rows per page
Query Builder