Foxglove Security researcher Stephen Breen has demonstrated that you don't need to exploit a 0-day or even a recently discovered vulnerability to gain the highest level of privilege available on a Windows machine (Windows 7, 8, 10, Server 2008, Server 2012).
A serious and pretty longstanding flaw in the Linux kernel has been recently discovered by researchers from infosec outfit Perception Point.
Intel has fixed a remotely exploitable vulnerability (CVE-2016-1493) in the Intel Driver Update Utility that a man-in-the-middle attacker could use to corrupt transferred data, which could lead to information leak and ultimately even code execution.
ENISA published a good practice guide on vulnerability disclosure, aiming to provide a picture of the challenges that security researchers, vendors and other involved stakeholders are confronted with when disclosing software/hardware vulnerabilities.
Security researcher (and Praesidio CTO) Sean Cassidy has demonstrated at ShmooCon how easy it can be for hackers to steal LastPass users' email, password, and two-factor authentication code via a simple phishing attack.