A critical WordPress Modular DS plugin flaw (CVE-2026-23550) allows unauthenticated attackers to gain admin access; patched ...

A new way to escalate privileges inside Google’s Vertex AI highlights a broader problem: Enterprises have a level of trust in ...

Microsoft’s January 2026 Patch Tuesday fixes 114 Windows flaws, including an actively exploited Desktop Window Manager bug ...

It's the pits for admins: Researchers have discovered a threat actor achieving admin-level access on targeted systems by deploying a new, sophisticated downloader and a couple of privilege escalation ...

The U.S. cybersecurity agency also added a recently disclosed Google Pixel flaw to its list of exploited vulnerabilities. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) confirmed ...

A privilege escalation vulnerability of important severity in the Apache HTTP server allowing users with the right to write and run scripts to gain root on Unix systems was fixed in Apache httpd ...

Severe vulnerabilities have been discovered in Microsoft’s AI healthcare chatbot service, allowing access to user and customer information, according to Tenable researchers. The level of access ...

A GCP Cloud Run known as "ImageRunner" would have enabled privilege escalation for threat actors who obtained low-level credentials had Google not addressed the vulnerability in January. Tenable on ...

Five Local Privilege Escalation (LPE) vulnerabilities in Ubuntu Server’s needrestart utility have been discovered. These flaws, found by the Qualys Threat Research Unit (TRU), affect versions prior to ...

The privilege escalation flaw in the Win23k driver affects older versions of Windows and is one of six zero-day vulnerabilities fixed by Microsoft in its March patch cycle. Microsoft has released ...

Paragon Partition Manager's BioNTdrv.sys, prior to version 2.0.0, includes five vulnerabilities allowing privilege escalation and DoS attacks. Paragon Partition Manager's BioNTdrv.sys driver, versions ...