CISA has added an actively exploited local privilege escalation vulnerability in the Windows Client/Server Runtime Subsystem (CSRSS) to its list of bugs abused in the wild. This high severity security ...

Splunk for Windows has a high-severity flaw that lets local users escalate privileges through misconfigured file permissions. Learn how to fix it. Image generated by Google’s Nano Banana A newly ...

The U.S. cybersecurity agency also added a recently disclosed Google Pixel flaw to its list of exploited vulnerabilities. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) confirmed ...

A privilege escalation vulnerability of important severity in the Apache HTTP server allowing users with the right to write and run scripts to gain root on Unix systems was fixed in Apache httpd ...

A critical security vulnerability affecting the JumpCloud Remote Assist for Windows agent has been identified, exposing managed endpoints to local privilege escalation and denial-of-service (DoS) ...

The privilege escalation flaw in the Win23k driver affects older versions of Windows and is one of six zero-day vulnerabilities fixed by Microsoft in its March patch cycle. Microsoft has released ...

Editor’s note: This article, originally published on September 13, 2023, has been updated with new research on a similar vulnerability. The latest version of Kubernetes released last month includes ...

Microsoft has detailed how Windows customers can defend themselves from automated 'Kerberos Relay' attacks that can give an attacker System privileges on a Windows machine. Microsoft has responded to ...

Threat actors have been observed exploiting a privilege escalation vulnerability on the Windows Backup and Restore service. "[...] CVE-2023-21752 is a vulnerability which allows a basic user to ...

Microsoft has introduced a significant security upgrade in its latest preview edition of Windows that aims to lock down local administrator privileges, making it much harder for cyberattackers to ...