Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used ...

Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who ...

Cisco patches four CVEs up to CVSS 9.9 in ISE and Webex, preventing code execution and user impersonation risks.

A disgruntled researcher released a second zero-day Windows Defender exploit, dubbed RedSun, shortly after Microsoft patched ...

A critical vulnerability in the Ninja Forms File Uploads premium add-on for WordPress allows uploading arbitrary files ...

An attacker has been using maliciously crafted PDF files to exploit a zero-day in Adobe Acrobat and Reader for at least four ...

The CVSS‑9.3 vulnerability allows unauthenticated remote code execution on exposed Marimo servers and was exploited in the wild shortly after disclosure, Sysdig says.

Microsoft fixes 167 bugs in April Patch Tuesday, including critical and zero-day vulnerabilities affecting Windows and Office ...

Hackers have been targeting a critical file upload flaw in an addon for the Ninja Forms WordPress plugin that leads to remote ...

A researcher has come across what appears to be an actively exploited Adobe Acrobat and Reader zero-day vulnerability.

Its Mythos Preview model, which can allegedly find and exploit critical zero-days, also comes with certain controls, the ...