Attackers have not waited for Exploit Wednesday; the Microsoft Windows zero-day attacks have already started. Here’s what you need to know and do.

Threat actors began targeting a recently patched BeyondTrust vulnerability shortly after a proof-of-concept (PoC) exploit was released.

Google has released a security update to patch a newly discovered zero-day in Chrome and the company warned an exploit exists in the wild. The update, published on February 13, was accompanied by an ...

Microsoft’s monthly release of security updates Tuesday included fixes for six vulnerabilities that are considered to be ...

APT28 rushed to exploit the Office vulnerability CVE-2026-21509, with the first attacks observed just days after Microsoft announced fixes.

Volt Typhoon Hackers Exploit Zero-Day Vulnerability in Versa Director Servers Used by MSPs, ISPs Your email has been sent Volt Typhoon, a Chinese state-sponsored hacking group, has been caught ...

Russian-state hackers wasted no time exploiting a critical Microsoft Office vulnerability that allowed them to compromise the devices inside diplomatic, maritime, and transport organizations in more ...

Public-facing instances of ProjectSend, an open-source file-sharing web application, have been exploited by attackers, according to vulnerability intelligence provider VulnCheck. ProjectSend was ...

Microsoft has fixed a "remote code execution" vulnerability in Windows 11 Notepad that allowed attackers to execute local or ...

Forbes contributors publish independent expert analyses and insights. Lars Daniel covers digital evidence and forensics in life and law. Update Now—Apple releases critical updates to in response to ...

Thousands of sites running WordPress remain unpatched against a critical security flaw in a widely used plugin that was being actively exploited in attacks that allow for unauthenticated execution of ...

Decentralised finance protocol CrossCurve has identified ten Ethereum wallet addresses involved in the exploit of its bridge ...