Two critical n8n flaws (CVSS 9.4, 9.5) enable RCE via expression sandbox escape and public forms, risking credential exposure.

Veeam fixes 7 Backup & Replication flaws, including CVSS 9.9 RCE bugs, warning attackers may exploit unpatched systems.

CISA warned today that a critical Ivanti vulnerability that can let threat actors gain remote code execution on vulnerable Endpoint Manager (EPM) appliances is now actively exploited in attacks.

Thousands of iPhones were compromised using the Coruna exploit kit, which chained 23 iOS vulnerabilities into advanced attacks used for espionage and cybercrime.

A previously undocumented set of 23 iOS exploits named "Coruna" has been deployed by multiple threat actors in targeted espionage campaigns and financially motivated attacks.

Google and iVerify researchers say the case points to a thriving secondary market for high-end zero-day exploits.

The Coruna exploit kit has 23 exploits targeting iOS devices, previously used in Russian attacks and now in cybercrime ...

Windows Server 2025 is currently open to a Remote Code Execution exploit via the Windows Update Service, and at the time of this writing a fix from Microsoft has yet to fully patch the issue. Reports ...

A Windows Remote Desktop exploit is reportedly being sold on the dark web for $220,000, but Microsoft already patched the flaw.

Large language models (LLMs) are proving to be valuable tools for discovering zero-days, bypassing detection, and writing exploit code, thereby lowering the barrier to entry for penetration testers — ...

New Delhi: Call of Duty WWII players on Xbox PC Game Pass are dealing with something way more serious than lag or bugs. Some users are reporting strange pop-ups, trolling Notepad messages, and even ...

What just happened? Just days after its arrival on PC Game Pass, Call of Duty: WWII has been pulled offline. The abrupt removal follows a surge of reports from the gaming community about a critical ...