Thai security researcher Worawit Wang has put together an exploit based on ETERNALSYNERGY that can also target newer versions of the Windows operating system.
Two implementations of the Kerberos authentication protocol received patches this week against a vulnerability that allowed a threat actor to bypass authentication procedures.
Broadcom Wi-Fi chips embedded in Android and iOS devices are vulnerable to a bug that allows an attacker to execute code on their devices, without any interaction needed from the user.
A team of eight researchers from various universities has found a bug in the Libcrypto library that allows an attacker with local access to extract the RSA-1024 private key that was used to encrypt local data.
A bug in systemd — an init system used in many Linux distributions to start and manage processes — allows an attacker to crash or take over machines via malicious DNS packets.
Microsoft promoted today the Edge browser to a permanent spot in its bug bounty program, in which, Edge was only part in a limited role.
A vulnerability nicknamed "Stack Clash" allows an attacker to gain root privileges on a UNIX system and take over vulnerable machines.
IP cameras manufactured by Chinese vendor Fosscam are riddled with security flaws that allow an attacker to take over the device and penetrate your network.
A group of security researchers have set up a Patreon page to raise funds necessary to buy their way into the first batch of monthly exploit the Shadow Brokers promised on Tuesday.
Security researchers from WhiteScope have uncovered over 8,600 vulnerabilities in pacemaker systems and the third-party libraries used to power various of their components.
According to an advisory released yesterday, Samba software released in the last seven years is vulnerable to a remote code execution vulnerability that allows an attacker to upload and execute code on the user's machine. Depending on the attacker's skill, he can easily take over vulnerable devices.
A vulnerability in how video players load and parse subtitle files allows an attacker to execute code on a target's PC and effectively take over the device.
Yahoo's engineering staff have retired the ImageMagick library from active duty after a security researcher found a bug that would have allowed an attacker to expose server memory, which, due to the library's nature, leaked image data from users' inboxes.
Security researchers from SEC Consult have found eight vulnerabilities in the firmware of Western Digital TV Media Player that allow hackers a multitude of ways to hack and take over the device.
Argentinian security researcher Manuel Caballero has discovered another vulnerability in Microsoft's Edge browser that can be exploited to bypass a security protection feature and steal data such as passwords from other sites, or cookie files that contain sensitive information.
In an emergency out-of-band update released late last night, Microsoft fixed a vulnerability in the Microsoft Malware Protection Engine discovered by two Google security experts over the weekend, and which the two described as "crazy bad" and "the worst Windows remote code exec in recent memory."
Two Google security experts have found a severe remote code execution (RCE) bug in the Windows OS, which they've described as "crazy bad."
A severe security flaw in the implementation of the SNMP protocol allows an attacker to take over at least 58 cable modem models, according to a team of researchers.
Security researchers from Neseso are sounding the alarm on a vulnerability they've discovered in Samsung smart TVs that Samsung declined to fix.
A vulnerability in the Microsoft Edge browser can be exploited and allow an attacker to obtain a user's password and cookie files for various online accounts.