Microsoft released patches for CVE-2026-21509, a new Office zero-day vulnerability that can be exploited to bypass security features.

Microsoft has released emergency security updates to patch a high-severity Office zero-day vulnerability exploited in attacks ...

To exploit the vulnerability, an attacker would need either system access or be able to convince a user to open a malicious ...

The tech giant released a patch in a January 26 advisory for the flaw which has been summarized as an over-reliance on ...

Microsoft releases an urgent out-of-band update for a critical Office zero-day flaw already exploited in real-world attacks.

VulnCheck analysts found that vulnerabilities exploited before being publicly disclosed rose from 23.6% in 2024 to 28.96% in 2025 ...

Also, cybercriminals get breached, Gemini spills the calendar beans, and more infosec in brief T'was a dark few days for ...

Mass scanning is underway for CVE-2026-20045, which Cisco tagged as critical because successful exploitation could lead to a ...

Hackers collect $439,250 after exploiting 29 zero-day vulnerabilities on the second day of Pwn2Own Automotive 2026.

A sweeping cyber espionage campaign exploiting a newly discovered zero-day vulnerability in self-hosted Microsoft (MSFT) SharePoint servers compromised nearly 100 organizations, researchers at Eye ...

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. Some weeks start better than others. If you are a member of an ...

Cisco announced patches for CVE-2026-20045, a zero-day vulnerability in Unified CM that has been targeted by hackers.