Microsoft has detailed how Windows customers can defend themselves from automated 'Kerberos Relay' attacks that can give an attacker System privileges on a Windows machine. Microsoft has responded to ...

Splunk for Windows has a high-severity flaw that lets local users escalate privileges through misconfigured file permissions. Learn how to fix it. Image generated by Google’s Nano Banana A newly ...

Slovak cybersecurity company ESET says a newly patched zero-day vulnerability in the Windows Win32 Kernel Subsystem has been exploited in attacks since March 2023. The February 2025 Android security ...

The U.S. cybersecurity agency also added a recently disclosed Google Pixel flaw to its list of exploited vulnerabilities. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) confirmed ...

Free unofficial patches have been released to protect Windows users from a local privilege escalation (LPE) zero-day vulnerability in the Mobile Device Management Service impacting Windows 10, version ...

Editor’s note: This article, originally published on September 13, 2023, has been updated with new research on a similar vulnerability. The latest version of Kubernetes released last month includes ...

Threat actors have been observed exploiting a privilege escalation vulnerability on the Windows Backup and Restore service. "[...] CVE-2023-21752 is a vulnerability which allows a basic user to ...

Several new techniques have become available recently that give attackers a way to abuse legitimate Windows services and relatively easily escalate low-level privileges on a system to gain full ...

After a pair of PrintNightmare vulnerabilities, the last thing the Windows Print Spooler needed was a third vulnerability, and yet it exists. Microsoft has announced CVE-2021-34481 allows for local ...