AI-related changes to Notepad allowed attackers to execute arbitrary code on your computer. The vulnerability was related to ...

Threat actors now have the ability to exploit a new zero-day vulnerability in the Chrome browser, Google has advised IT ...

CleanTalk WordPress plugin vulnerability affecting up to 200,000 sites could lead to remote code execution by unauthenticated attackers.

The widely used open-source library has been patched to defend against a heap buffer overflow flaw that’s been in the code since its inception.

Threat actors began targeting a recently patched BeyondTrust vulnerability shortly after a proof-of-concept (PoC) exploit was released.

Endor Labs, the leader in AI-native application security, today announced the acquisition of Autonomous Plane, a cloud-native application security company founded by Kyle Quest, creator of DockerSlim.

Microsoft has patched six exploited zero-days in February 2026 Patch Tuesday, addressing 58 vulnerabilities and triggering urgent enterprise remediation.

Microsoft's February Patch Tuesday release addresses 58 vulnerabilities across Windows, Office and several other products, ...

A high-severity security flaw has been disclosed in OpenClaw (formerly referred to as Clawdbot and Moltbot) that could allow remote code execution (RCE) through a crafted malicious link. The issue, ...

A total of 12 vulnerabilities have been fixed in OpenSSL, all discovered by a single cybersecurity firm. All 12 vulnerabilities patched in the open source SSL/TLS toolkit were discovered by ...

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system. The open-source ...