Singapore’s CSA warns of a CVSS 10.0 SmarterMail vulnerability allowing unauthenticated remote code execution via file upload ...

Business-grade email server software SmarterMail just patched a maximum-severity vulnerability that allowed threat actors to ...

An unauthenticated user can execute the attack, and there’s no mitigation, just a hotfix that should be applied immediately.

CISA adds an actively exploited Digiever DS-2105 Pro NVR vulnerability to KEV, warning of botnet attacks and urging ...

The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js ...

Over 115,000 WatchGuard Firebox devices exposed online remain unpatched against a critical remote code execution (RCE) ...

The explosive, easy-to-trigger vulnerability was exploited within hours of disclosure, exposing the risks of default ...

HPE has released patches for a critical-severity OneView vulnerability that could lead to unauthenticated remote code execution.

Maximum-severity vuln lets unauthenticated attackers execute code on trusted infra management platform Hewlett Packard ...

ESET researchers provide a comprehensive analysis and assessment of a critical severity vulnerability with low likelihood of ...

WatchGuard warns that the critical Firebox vulnerability CVE-2025-14733 has been exploited in attacks for remote code ...

Every day has the potential to be a bad day for a CSO. However, the second Tuesday of each month – Patch Tuesday – is almost ...