Veeam fixes 7 Backup & Replication flaws, including CVSS 9.9 RCE bugs, warning attackers may exploit unpatched systems.

Two critical n8n flaws (CVSS 9.4, 9.5) enable RCE via expression sandbox escape and public forms, risking credential exposure ...

Microsoft releases an out-of-band hotpatch for critical Windows 11 RRAS vulnerabilities that could allow remote code ...

A new exploit kit for iOS devices and delivery framework dubbed "Darksword" has been used to steal a wide range of personal ...

The US Cybersecurity and Infrastructure Security Agency (CISA) has told all federal civilian agencies to patch a critical ...

A Windows Remote Desktop exploit is reportedly being sold on the dark web for $220,000, but Microsoft already patched the flaw.

Threat actors have demonstrated just how quickly they operate today after exploiting a critical open source vulnerability ...

The DarkSword iOS exploit chain was used by the Russian APT behind the Coruna exploit in attacks targeting Ukraine.

CISA ordered U.S. government agencies to patch three iOS vulnerabilities targeted in cryptocurrency theft and cyberespionage attacks using the DarkSword exploit kit.

Because attacker-supplied flow data is used in public flows, the bug leads to unauthenticated remote code execution.

Splunk systems are at risk from a remote command execution (RCE) vulnerability. Tracked as CVE-2026-20163, the flaw allows ...

Attackers can execute arbitrary code without authentication if Oracle's Identity or Web Services Managers are exposed to the Web.