Microsoft Defender Vulnerability Allows Attackers to Elevate Privileges
A newly disclosed security flaw in Microsoft Defender for Endpoint could allow attackers with local access to elevate their privileges...
Read more →Category: CyberSecurityNews
Microsoft Warns of AD CS Vulnerability Let Attacker Deny Service Over a Network
Microsoft has issued a security advisory regarding a new vulnerability in Active Directory Certificate Services (AD CS) that could allow...
Read more →
82,000+ WordPress Sites Exposed to Remote Code Execution Attacks
Critical vulnerabilities were identified in TheGem, a premium WordPress theme with more than 82,000 installations worldwide. Researchers identified two separate...
Read more →
Windows Remote Desktop Vulnerability Let Attackers Execute Malicious Code Over Network
Microsoft’s May 2025 Patch Tuesday has addressed several critical vulnerabilities in Windows Remote Desktop services that could allow attackers to...
Read more →
Ivanti ITSM Vulnerability Let Remote Attacker Gain Administrative Access
Ivanti has released security updates to address a critical authentication bypass vulnerability in its Neurons for ITSM (IT Service Management)...
Read more →
FortiVoice 0-day Vulnerability Exploited in the Wild to Execute Arbitrary Code
Fortinet has disclosed a critical stack-based buffer overflow vulnerability (CVE-2025-32756) affecting multiple products in its security portfolio, with confirmed exploitation...
Read more →
Ivanti Cloud Services Application Vulnerability Leads to Privilege Escalation
Ivanti has disclosed a high-severity security vulnerability affecting its Cloud Services Application (CSA) that could allow attackers to escalate privileges...
Read more →
72 Vulnerabilities Fixed, Including 5 Actively Exploited Zero-Days
Microsoft has released its Patch Tuesday updates for May 2025, addressing a total of 78 vulnerabilities across its product ecosystem,...
Read more →
Windows Common Log File System 0-Day Vulnerability Actively Exploited in the Wild
Microsoft has confirmed that threat actors are actively exploiting two critical vulnerabilities in the Windows Common Log File System (CLFS)...
Read more →
Microsoft Scripting Engine 0-Day Vulnerability Enables Remote Code Execution Over Network
Microsoft has disclosed a critical memory corruption vulnerability in its Scripting Engine (CVE-2025-30397), which allows unauthorized attackers to execute code...
Read more →
Microsoft Windows 11 Insider Preview Build 26200.5600 Released
Microsoft has rolled out Windows 11 Insider Preview Build 26200.5600 (KB5058493) to the Dev Channel, bringing a host of new...
Read more →
Windows Ancillary for WinSock 0-Day Vulnerability Let Attackers Escalate Privileges
Microsoft has patched an actively exploited zero-day vulnerability in the Windows Ancillary Function Driver for WinSock (afd.sys) as part of...
Read more →