Business-grade email server software SmarterMail just patched a maximum-severity vulnerability that allowed threat actors to ...

The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js ...

Singapore’s CSA warns of a CVSS 10.0 SmarterMail vulnerability allowing unauthenticated remote code execution via file upload ...

Apache has fixed a critical security vulnerability in its open-source OFBiz (Open For Business) software, which could allow attackers to execute arbitrary code on vulnerable Linux and Windows servers.

ESET researchers provide a comprehensive analysis and assessment of a critical severity vulnerability with low likelihood of ...

The explosive, easy-to-trigger vulnerability was exploited within hours of disclosure, exposing the risks of default ...

HPE has released patches for a critical-severity OneView vulnerability that could lead to unauthenticated remote code execution.

As generative artificial intelligence continues to grow in popularity and become mainstream, so do security issues surrounding large language models and their support services. A new report today from ...

An unauthenticated user can execute the attack, and there’s no mitigation, just a hotfix that should be applied immediately.

CISA adds an actively exploited Digiever DS-2105 Pro NVR vulnerability to KEV, warning of botnet attacks and urging ...

Activision has pulled a specific PC version of Call of Duty: WW2 just days after release, following reports that the game suffers from a remote code execution (RCE) exploit. This affects the so-called ...

The PHP Group released PHP 5.3.10 on Thursday in order to address a critical security flaw that can be exploited to execute arbitrary code on servers running an older version of the Web development ...