It's the pits for admins: Researchers have discovered a threat actor achieving admin-level access on targeted systems by deploying a new, sophisticated downloader and a couple of privilege escalation ...

The U.S. cybersecurity agency also added a recently disclosed Google Pixel flaw to its list of exploited vulnerabilities. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) confirmed ...

A GCP Cloud Run known as "ImageRunner" would have enabled privilege escalation for threat actors who obtained low-level credentials had Google not addressed the vulnerability in January. Tenable on ...

A critical security vulnerability affecting the JumpCloud Remote Assist for Windows agent has been identified, exposing managed endpoints to local privilege escalation and denial-of-service (DoS) ...

The privilege escalation flaw in the Win23k driver affects older versions of Windows and is one of six zero-day vulnerabilities fixed by Microsoft in its March patch cycle. Microsoft has released ...

Zoom issued an urgent security advisory about a flaw in the Zoom client that could allow a user to gain higher level privileges and access that they are not authorized for. The Zoom web client is what ...

Five Local Privilege Escalation (LPE) vulnerabilities in Ubuntu Server’s needrestart utility have been discovered. These flaws, found by the Qualys Threat Research Unit (TRU), affect versions prior to ...

Nvidia has issued urgent security updates for its GPU display drivers after identifying multiple high-severity flaws that could allow attackers to execute arbitrary code and gain elevated privileges ...

A critical Zoom vulnerability put Windows users at risk of data theft and system compromise. Zoom has patched the flaw. Users should update immediately. Splunk for Windows has a high-severity flaw ...