Recently leaked Windows zero-days now exploited in attacks

Threat actors are exploiting three recently disclosed Windows security vulnerabilities in attacks aimed at gaining SYSTEM or ...

McGraw-Hill Confirms Data Exposure, Hackers Claim 45M Salesforce Records Leaked

McGraw-Hill confirms a data exposure tied to a Salesforce misconfiguration as hackers claim 45M records, raising concerns ...
CSO Online

RCE by design: MCP architectural choice haunts AI agent ecosystem

Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who ...

New Microsoft Defender “RedSun” zero-day PoC grants SYSTEM privileges

A researcher known as "Chaotic Eclipse" has published a proof-of-concept exploit for a second Microsoft Defender zero-day, ...
Microsoft

Dissecting Sapphire Sleet’s macOS intrusion from lure to compromise

The Microsoft Defender Security Research Team uncovered a sophisticated macOS intrusion campaign attributed to the North ...
Opinion
ICITOpinion

AI Vulnerability Discovery and the Case for Systems Security Engineering

For decades, the approach to building technology has operated on an implicit assumption that security could be addressed after the fact...This created an environment in which building technology that ...

Hack Alert Issued Over Security Weakness in Software Used by Pakistani Firms

The government has issued an advisory regarding a critical vulnerability in Fortinet’s FortiClient EMS, which is affecting ...