Endpoint Security
A stack-based buffer overflow bug can be exploited for remote code execution on a vulnerable device.
A variant of DirtyFrag, the flaw allows unprivileged local users to manipulate the Linux page cache and gain root privileges.
The exploitation is mitigated by preventing the FsTx Auto Recovery Utility from starting when the WinRE image launches.
Attackers are increasingly abusing Microsoft’s decades-old MSHTA utility to stealthily deliver stealers, loaders, and persistent malware through phishing, fake software downloads, and LOLBIN-based attack...
Patched in April, the underlying vulnerability allows local attackers to elevate their privileges to root.
The vulnerability, tracked as CVE-2026-46300, is similar to the recently disclosed exploits named Dirty Frag and Copy Fail.
Also called Copy Fail 2 and tracked as CVE-2026-43284 and CVE-2026-43500, the exploit was disclosed before a patch was released.
CISA has added the bug to its KEV list, and Microsoft has observed limited exploitation, mainly associated with PoC testing.
Affecting the kernel’s authencesn cryptographic template, the vulnerability was introduced in 2017 and impacts all distributions.
A race condition in PackageKit allows unprivileged users to escalate privileges when installing packages.
CrowdStrike has fixed a critical LogScale vulnerability, while Tenable addressed a high-severity Nessus flaw.
Researchers have demonstrated that GPU Rowhammer attacks can be used to escalate privileges.
The computer giants have announced new security capabilities for PCs and printers.
Apple released security fixes for older devices as well, in iOS 18.7.7, iPadOS 18.7.7, macOS Sequoia 15.7.5, and macOS Sonoma 14.8.5.
The company’s endpoint security platform monitors behavior and verifies user intent to stop cyberattacks in real time.
The lightweight updates are meant to deliver security protections between security updates.
The malware disables antivirus and EDR protections at the kernel level, clearing the path for credential harvesting, system reconnaissance, and eventual data exfiltration.