Ivanti warns of new EPMM flaw exploited in zero-day attacks

Ivanti warned customers today to patch a high-severity remote code execution vulnerability in Endpoint Manager Mobile (EPMM) ...

Google Update: Android Flaw Could Put Billions of Devices at Risk

Google patched an Android zero-click RCE flaw affecting multiple versions. Here’s what IT teams should know and how to reduce mobile risk.
InfoWorld

AI finds 20-year-old bugs in PostgreSQL and MariaDB

Critical flaws affecting core components and extensions in PostgreSQL and MariaDB could allow remote code execution. The bugs ...
Morning Overview on MSN

SharePoint zero-day CVE-2026-32201 allows remote code execution with no privileges required ...

A critical zero-day vulnerability in Microsoft SharePoint is being exploited in the wild right now, and more than 1,300 ...

Palo Alto Networks firewall zero-day exploited for nearly a month

Palo Alto Networks warned customers that suspected state-sponsored hackers have been exploiting a critical-severity PAN-OS ...
The Hacker News

Palo Alto PAN-OS Flaw Under Active Exploitation Enables Remote Code Execution

"A buffer overflow vulnerability in the User-ID Authentication Portal (aka Captive Portal) service of Palo Alto Networks ...
The Hacker News

MetInfo CMS CVE-2026-29014 Exploited for Remote Code Execution Attacks

MetInfo CMS flaw CVE-2026-29014 exploited after April 7 patch, enabling remote code execution and targeting 2,000 instances.
SecurityWeek

Critical Gemini CLI Flaw Enabled Host Code Execution, Supply Chain Attacks

A critical remote code execution and supply chain vulnerability was recently discovered by researchers in Gemini CLI.
Morning Overview on MSN

GitHub patches critical remote code execution flaw in private repositories

GitHub has patched a high-severity remote code execution vulnerability that allowed anyone with push access to a private ...