A six-month investigation into AI-assisted development tools has uncovered over thirty security vulnerabilities that allow ...

Huntress reports active attacks abusing Gladinet’s fixed cryptographic keys to forge tickets and gain remote code execution ...

Research shows a .NET proxy design flaw enables file writes and RCE through attacker-supplied WSDL in multiple products.

React2Shell flaw under active attack exposes thousands of React and Next.js apps to remote code execution, forcing urgent ...

Static AES keys are enabling attackers to decrypt access tokens and reach remote code execution, triggering urgent patch ...

Windows Server 2025 is currently open to a Remote Code Execution exploit via the Windows Update Service, and at the time of this writing a fix from Microsoft has yet to fully patch the issue. Reports ...

Attacks against CVE-2025-55182, which began almost immediately after public disclosure, have increased as more threat actors ...

According to Wiz and fellow security firm Aikido, the vulnerability, tracked as CVE-2025-55182, resides in Flight, a protocol ...

Researchers found that .env files inside cloned repositories could be used to change the Codex CLI home directory path and ...

Dozens of vulnerabilities in products from three leading makers of solar inverters, Sungrow, Growatt, and SMA, could be exploited to control devices or execute code remotely on the vendor’s cloud ...

A set of security vulnerabilities in Apple's AirPlay Protocol and AirPlay Software Development Kit (SDK) exposed unpatched third-party and Apple devices to various attacks, including remote code ...

Hundreds of e-commerce sites, at least one owned by a large multinational company, were backdoored by malware that executes malicious code inside the browsers of visitors, where it can steal payment ...