A proof-of-concept (PoC) exploit for a local privilege elevation flaw impacting at least seven Android original equipment manufacturers (OEMs) is now publicly available on GitHub. However, as the ...

Google's Threat Analysis Group (TAG) discovered several exploit chains using Android, iOS, and Chrome zero-day and n-day vulnerabilities to install commercial spyware and malicious apps on targets' ...

HD Moore has released a second IE 0 day Metasploit Exploit Module in the past 2 weeks. The Office Web Component Exploit in Metasploit was committed to the Dev 3.3 SVN and will attack the vulnerability ...

Last week, I got on the phone with HD Moore to ask him how things have been going since he sold Metasploit to Rapid7, sending the open source security world into a frenzy some six months ago. Rapid7 ...

Security researchers found that a zero-day exploit left phones that support the Snapdragon 8 Gen 1, like the Samsung Galaxy S22, venerable. We currently don't know to ...

Amnesty International on Friday said it determined that a zero-day exploit sold by controversial exploit vendor Cellebrite was used to compromise the phone of a Serbian student who had been critical ...

Android apps digitally signed by China’s third-biggest e-commerce company exploited a zero-day vulnerability that allowed them to surreptitiously take control of millions of end-user devices to steal ...

A team of academic researchers has uncovered a new Android security exploit that raises a lot of questions about the platform’s permission system. The technique, named TapTrap, uses user interface ...

Developers have released a major update to the Metasploit security testing tool designed to run more smoothly on the Windows operating system. Metasploit 3.0, released early Tuesday morning, has been ...

Developers have released a major update to the Metasploit security testing tool designed to run more smoothly on the Windows operating system. Metasploit 3.0, released early Tuesday morning, has been ...