Google LLC’s Mandiant has published details of a critical privilege escalation vulnerability found in Microsoft Corp.’s Azure Kubernetes service that, though patched by Microsoft, could have allowed ...

The overall volume of kernel CVEs continues to climb: one security commentary noted the first 16 days of 2025 already saw 134 ...

The U.S. cybersecurity agency also added a recently disclosed Google Pixel flaw to its list of exploited vulnerabilities. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) confirmed ...

Microsoft patched a high-severity Windows Kernel privilege escalation vulnerability in February, six months after being informed that the flaw was being exploited as a zero-day. Tracked as ...

Broadcom has patched a high-severity privilege escalation vulnerability in its VMware Aria Operations and VMware Tools software, which has been exploited in zero-day attacks since October 2024. While ...

Researchers have developed an exploit for AMD CPUs that allows attackers to undermine memory protections, and thereby escalate privileges or perform remote code execution (RCE) in cloud environments.

An Iran-linked cyber-espionage group has been, in recent months, conducting cyberattacks in the United Arab Emirates (UAE) and the Gulf region by exploiting a privilege escalation flaw in Windows ...

Microsoft's CEO Satya Nadella has hailed the company's new Recall feature, which stores a history of your computer desktop and makes it available to AI for analysis, as “photographic memory” for your ...

Fortra has announced what it dubs a Microsoft security hole. There is no dispute that the privilege escalation issue exists, but there is much argument over whether it’s a flaw. Security vendor Fortra ...

Built under the Trifecta Tech Foundation’s “Privilege Boundary” initiative, sudo‑rs is a from-scratch implementation of sudo and su created in Rust, a language celebrated for its compile-time ...