Attackers have not waited for Exploit Wednesday; the Microsoft Windows zero-day attacks have already started. Here’s what you need to know and do.

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. Update, May 15, 2025: This story, originally published May 14, ...

Want smarter insights in your inbox? Sign up for our weekly newsletters to get only what matters to enterprise AI, data, and security leaders. Subscribe Now Unpatched systems are a ticking time bomb.

Five critical flaws in Dell laptops allow attackers to bypass Windows login, get admin control, and install undetectable malware. Vulnerabilities exploit Dell ControlVault hardware, impact business ...

State-sponsored APTs from North Korea, Iran, Russia, and China are targeting victims using a Windows shortcut file exploit, according to new research from Trend Micro’s Zero Day Initiative (ZDI). In ...

Now that Windows 10 has reached the end of support, it's increasingly appealing to cybercriminals. While upgrading is recommended, you don't have to switch immediately—here's how you can keep your ...

One incredibly popular Windows tools has recently been updated to address a zero-day exploit that could give bad actors a chance to install malware on devices running older versions of the app. The ...

The no-click exploit launched in October infected computers in Europe and North America with the RomCom backdoor when victims were redirected through attacker-controlled websites. A Russia-aligned ...

TL;DR: WinRAR has a critical security vulnerability (CVE-2025-6218) allowing remote code execution via directory traversal in Windows versions. This exploit risks sensitive data and system integrity.

By putting conflicting metadata in LNK files, a researcher found four new ways to spoof targets, hide arguments, and run unintended programs in Windows Explorer.