Wired

Powerful Spyware Exploits Enable a New String of ‘Watering Hole’ Attacks

In recent years, elite commercial spyware vendors like Intellexa and NSO Group have developed an array of powerful hacking tools that exploit rare and unpatched “zero-day” software vulnerabilities to ...
TechRepublic

Two Unpatched Windows Exploits Target BitLocker, SYSTEM Access

Two unpatched Windows exploit PoCs target BitLocker protections and privilege controls after Microsoft’s May Patch Tuesday security update. Microsoft’s quiet Patch Tuesday did not stay quiet for long.
Bleeping Computer

Exploits for unpatched Parallels Desktop flaw give root on Macs

Two different exploits for an unpatched Parallels Desktop privilege elevation vulnerability have been publicly disclosed, allowing users to gain root access on impacted Mac devices. Parallels Desktop ...
Bleeping Computer

Windows BitLocker zero-day gives access to protected drives, PoC released

A cybersecurity researcher has published proof-of-concept (PoC) exploits for two unpatched Microsoft Windows vulnerabilities named YellowKey and GreenPlasma, which are a BitLocker bypass and a ...
techtimes

Chrome Security Update Patches Two Critical RCE Flaws: One Exploit Still Public, Unpatched

Google pushed a security update for Chrome on May 19, 2026, patching 16 vulnerabilities — including two rated Critical — that could allow an attacker to execute arbitrary code on a victim's machine ...
Infosecurity-magazine.com

Hackers Chain Exploits of Three Palo Alto Networks Firewall Flaws

Hackers are actively trying to simultaneously exploit three vulnerabilities in unpatched Palo Alto Networks firewall appliances. These flaws, all affecting Palo Alto’s PAN-OS web management interface, ...
CSOonline

Over 12,000 KerioControl firewalls remain prone to RCE attacks amid active exploits

While unpatched instances were reduced to half within a month, a huge number of them remain vulnerable even as attackers exploit the flaw in the wild for critical RCE attacks. Businesses around the ...