CVE-2026-2329 allows unauthenticated root-level access to SMB phones, so attackers can intercept calls, commit toll fraud, and impersonate users.

Six zero-day flaws being exploited are now patched — users urged to update immediately Microsoft’s Patch Tuesday release addresses roughly 60 vulnerabilities overall. Microsoft has confirmed that ...

A critical vulnerability in Grandstream GXP1600 series VoIP phones allows a remote, unauthenticated attacker to gain root privileges and silently eavesdrop on communications.

Multiple critical vulnerabilities in the popular n8n open-source workflow automation platform allow escaping the confines of the environment and taking complete control of the host server.

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. This voice experience is generated by AI. Learn more. This ...

A hacking campaign took just days to exploit a newly disclosed security vulnerability in Microsoft Windows version of WinRAR, researchers at Check Point have said. The attackers leveraged ...

Russian-state hackers wasted no time exploiting a critical Microsoft Office vulnerability that allowed them to compromise the devices inside diplomatic, maritime, and transport organizations in more ...

Infrastructure delivering updates for Notepad++—a widely used text editor for Windows—was compromised for six months by suspected China-state hackers who used their control to deliver backdoored ...

Artificial intelligence is revolutionizing the technology industry and this is equally true for the cybercrime ecosystem, as cybercriminals are increasingly leveraging generative AI to improve their ...