A critical Telnet vulnerability with a CVSS rating of 9.8 enables attackers to take full control of affected systems before authentication even kicks in, security researchers at Dream Security have ...

Today is Microsoft's April 2026 Patch Tuesday with security updates for 167 flaws, including 2 zero-day vulnerabilities.

Microsoft fixes 169 vulnerabilities including exploited SharePoint CVE-2026-32201, prompting CISA remediation by April 28, ...

Cookie-gated PHP web shells enable persistent Linux RCE via cron-based re-creation, reducing detection in routine traffic ...

A pre‑authentication bug in SAML Web SSO, combined with weak access controls and cryptography, allows attackers to escalate privileges and achieve remote code execution.

CERT-In flags multiple vulnerabilities in Google Chrome that could allow remote code execution and data theft, urging users ...

Reclassified as a remote code execution flaw, the F5 BIG-IP APM vulnerability has been upgraded to CVSS 9.8, requiring immediate patching and compromise assessment.

The CVSS‑9.3 vulnerability allows unauthenticated remote code execution on exposed Marimo servers and was exploited in the wild shortly after disclosure, Sysdig says.

The security problem starts with how cellular modems are built. A phone's baseband is effectively its own operating system, ...

Threat actors have started exploiting CVE-2025-59528, a critical Flowise vulnerability leading to remote code execution.

An emerging threat cluster is exploiting vulnerable Web-exposed Next.js apps and using an automated tool to steal credentials ...