Security news aggregator

Latest coverage for Exploit

Stay informed on the latest exploit trends and vulnerabilities. Get expert insights and updates on information security exploits with our dedicated tag.

5 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

An exploit is code, data, or a sequence of actions that uses a software, hardware, or configuration vulnerability to produce unintended behavior. Depending on the flaw and the attacker’s access, it may enable unauthorized code execution, privilege escalation, information disclosure, or denial of service. Exploitation can occur remotely through exposed services, web applications, or client software, or locally after an attacker gains limited access.

Exploitation matters because a vulnerability becomes an active attack path when the required conditions are reachable and exploitable. Defenders should inventory affected assets, prioritize remediation when exploitation is known or credible, apply patches or vendor mitigations, and reduce exposure through access controls, segmentation, and secure configuration. Monitoring for exploit-specific indicators—such as abnormal requests, unexpected processes, or privilege changes—supports detection; systems suspected of successful exploitation require containment and investigation for follow-on access.

Showing 5 most recent headlines Filtered view

AG Says HealthAlliance Tried But Failed to Fix Zero-Day Flaw That Led to ExploitNew York State has levied a $550,000 fine against a healthcare group that tried - but failed - to patch a critical zero-day vulnerability in a Citrix NetScaler appliance used for telemedicine. Hackers exploited the flaw, stealing 196 gigabytes of data in an incident affecting 242,000 people.

Bank Info Security 1 year, 7 months ago

Hackers Exploiting Cleo Software Zero-Day

Attackers Target Managed File Transfer Software VulnerabilitiesFile transfer software made by Cleo Communications is under active attack and a patch meant to stymie hackers doesn't fix the flaw, say security researchers from Huntress. Hackers exploit an arbitrary file-write vulnerability along with a feature that automatically executes files.

Bank Info Security 1 year, 7 months ago

Ransomware Hackers Exploiting Cleo Software Zero-Day

Attackers Target Managed File Transfer Software VulnerabilitiesFile transfer software made by Cleo Communications is under active attack and a patch meant to stymie hackers doesn't fix the flaw, say security researchers from Huntress. Hackers exploit an arbitrary file-write vulnerability along with a feature that automatically executes files.

Tianfeng Guan Allegedly Developed Zero-Day Exploit of Sophos XG FirewallThe U.S. federal government rolled out its heavy guns Tuesday against a Chinese hacker allegedly at the center of a zero-day exploit used to hack firewalls made by Sophos, unsealing an indictment, rolling out sanctions and offering $10 million for information leading to the suspect's arrest.

From Automotive Exploits and Bootloader Bugs to Cybercrime and 'LLMbotomy' TrojansBlack Hat Europe returns to London with more than 45 keynotes and briefings tackling everything from bootloader bugs and flaws in artificial intelligence and large language model tools, to disrupting fake online brokerages and remotely hacking Volkswagen entertainment systems to track vehicles.