Some proof-of-concept exploits have begun circulating for CVE-2021-40444 and no patch is yet available.
Attackers are exploiting an authentication bypass flaw in Zoho's ManageEngine ADSelfService Plus password management app.
Researchers uncovered a flaw in macOS that could allow attackers to access permissions, like screen recording, on victim devices - without their approval.
A set of implementation and design flaws have been uncovered in the 802.11 standard that underpins Wi-Fi.
Google Project Zero's recent tweaking of its vulnerability disclosure window reflects how researchers are taking into account patch adoption when mulling disclosure policies.