The Hacker News

Microsoft Patches 84 Flaws in March Patch Tuesday, Including Two Public Zero-Days

Microsoft patches 84 vulnerabilities, including two public zero-days, strengthening defenses against privilege escalation and cloud token theft.

Microsoft Confirms SQL Zero-Day Security Vulnerability—Here’s The Fix

Microsoft has confirmed that a hacker who successfully exploits a zero-day SQL vulnerability could gain system administrator privileges. Here’s how to fix it.
The Hacker News

New Chrome Vulnerability Let Malicious Extensions Escalate Privileges via Gemini Panel

Chrome CVE-2026-0628 let malicious extensions hijack Gemini panel for privilege escalation, local file access, and ...
Security Boulevard

Microsoft’s February Security Update of High-Risk Vulnerability Notice for Multiple Products

Overview On February 11, 2026, NSFOCUS CERT monitored Microsoft’s release of its February security update patches, addressing 59 security issues across widely used products such as Windows, Azure, ...
Windows Report

Hackers Allegedly Selling Windows Remote Desktop Exploit for $220K

A Windows Remote Desktop exploit is reportedly being sold on the dark web for $220,000, but Microsoft already patched the flaw.
CRN

CISA Confirms Windows Privilege Escalation Flaw Has Seen Exploitation

The U.S. cybersecurity agency also added a recently disclosed Google Pixel flaw to its list of exploited vulnerabilities. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) confirmed ...
SiliconANGLE

Mandiant uncovers critical privilege escalation vulnerability in Azure Kubernetes service

Google LLC’s Mandiant has published details of a critical privilege escalation vulnerability found in Microsoft Corp.’s Azure Kubernetes service that, though patched by Microsoft, could have allowed ...

Hackers are selling a critical Windows zero-day exploit for $220,000 on the dark web

According to X user Dark Web Informer, a cybercriminal known as Kamirmassabi recently posted an ad on an underground hacking forum, offering to sell a zero-day ...
Dark Reading

Patch Now: Critical Windows Kerberos Bug Bypasses Microsoft Security

Microsoft eased enterprise security teams into 2024 with a relatively light January security update consisting of patches for 48 unique CVEs, just two of which the company identified as being of ...
Searchenginejournal.com

Zoom Privilege Escalation Vulnerability Via Improper Authorization

Zoom issued an urgent security advisory about a flaw in the Zoom client that could allow a user to gain higher level privileges and access that they are not authorized for. The Zoom web client is what ...
Infosecurity-magazine.com

Critical Vulnerability Found in Microsoft’s AI Healthcare Chatbot

Severe vulnerabilities have been discovered in Microsoft’s AI healthcare chatbot service, allowing access to user and customer information, according to Tenable researchers. The level of access ...
Bleeping Computer

Latest Privilege Escalation news

Modern attacks have shifted focus to the browser, yet detection tools remain largely blind to the crucial activity happening there. Join Push Security on February 11th for an interactive ...