Apple’s 2026 security year includes zero-days, iPhone exploit kits, WebKit fixes, and background patches that users and IT ...

Google on Wednesday published exploit code for an unfixed vulnerability in its Chromium browser codebase that threatens ...

The HTTP/2 Bomb exploit chains two known denial-of-service (DoS) attack techniques to knock major web servers offline.

The Fortra FileCatalyst Workflow is vulnerable to an SQL injection vulnerability that could allow remote unauthenticated attackers to create rogue admin users and manipulate data on the application ...

Google says hackers used AI to help build a zero-day exploit targeting 2FA, raising concerns about AI-assisted hacking.

A researcher accuses Microsoft of banning their GitHub and Microsoft accounts after publishing a Windows 11 BitLocker ...

Security researchers have released a proof-of-concept (PoC) exploit for a maximum-severity vulnerability in Fortinet's security information and event management (SIEM) solution, which was patched in ...

One of the biggest buyers of iOS zero-day exploits says the market is flooded with new iPhone bugs due to weakened security components in Safari and iMessage. Zerodium, which pays $2 million for iOS ...

Security researchers say a pair of easy-to-exploit flaws in a popular remote-access tool used by more than a million companies around the world are now being mass exploited, with hackers abusing the ...

A team of academic researchers has uncovered a new Android security exploit that raises a lot of questions about the platform’s permission system. The technique, named TapTrap, uses user interface ...

Jon Gilbert is a Features Writer for Android Police. I've covered Android since 2021, focusing on writing features and guides about Android apps and features that directly affect users. I've attended ...