SafeBreach researchers developed a zero-click PoC exploit that crashes unpatched Windows Servers using the Windows ...

An unpatched zero-day vulnerability in Gogs, a popular self-hosted Git service, has enabled attackers to gain remote code execution on Internet-facing instances and compromise hundreds of servers.

Static AES keys are enabling attackers to decrypt access tokens and reach remote code execution, triggering urgent patch ...

WatchGuard has warned customers to patch a critical, actively exploited remote code execution (RCE) vulnerability in its ...

An unauthenticated user can execute the attack, and there’s no mitigation, just a hotfix that should be applied immediately.

WatchGuard warns that the critical Firebox vulnerability CVE-2025-14733 has been exploited in attacks for remote code ...

HPE patched a critical OneView vulnerability with CVSS 10.0 that could allow unauthenticated remote code execution in ...

Over the past week, enterprise security teams observed a combination of covert malware communication attempts and aggressive probing of publicly exposed infrastructure. These incidents, detected ...

In the remote maintenance software Connectwise ScreenConnect, authenticated attackers can inject malicious code. An update is available.

A new report out today from artificial intelligence security startup Cyata Security Ltd. details a critical remote code ...

Yesterday, user @NSA_Employee39 allegedly posted a zero-day exploit for the popular open-source file decompression utility 7-Zip on Twitter, only to have 7-Zip author Igor Pavlov swiftly dismiss it as ...