Exploit code has been released for an unpatched Windows privilege escalation flaw reported privately to Microsoft, allowing attackers to gain SYSTEM or elevated administrator permissions. Dubbed ...

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. This voice experience is generated by AI. Learn more. This ...

Hackers are running a large-scale campaign to steal credentials in an automated way after exploiting React2Shell (CVE-2025-55182) in vulnerable Next.js apps. At least 766 hosts across various cloud ...

A disgruntled security researcher has made good on a threat. A security researcher going by the aliases Chaotic Eclipse and Nightmare-Eclipse published exploit code for a Windows privilege escalation ...

Elliptic said Thursday the $285 million Drift Protocol exploit, the largest this year, carries “multiple indicators” of North Korea’s state-sponsored DPRK hacker group involvement. The research firm ...

A malware campaign which targets macOS systems, distributed using a ClickFix attack, has evolved to exploit Script Editor as the execution vector rather than the typical Terminal-based point of ...

A major decentralised finance (DeFi) platform has suffered a suspected exploit exceeding $270 million, with onchain data showing large volumes of assets rapidly moved to a single wallet. Blockchain ...

AI Beats Hackers to a Zero-Day Cybersecurity Discovery, Twice Your email has been sent Google’s AI agent Big Sleep identified the critical vulnerability CVE-2025-6965 before cybercriminals could ...