A critical pre-authentication remote code execution vulnerability in BeyondTrust Remote Support and Privileged Remote Access ...

Threat actors began targeting a recently patched BeyondTrust vulnerability shortly after a proof-of-concept (PoC) exploit was released.

SecureLayer7 Blackf0g researcher team A critical RCE vulnerability in n8n has been identified and patched. n8n’s AI ...

Learn how CVE-2026-1281 and CVE-2026-1340 enable pre-auth RCE in Ivanti EPMM, now actively exploited, and how AppTrana helps block attacks across applications. The post CVE-2026-1281 & CVE-2026-1340: ...

Threat intelligence observations show that a single threat actor is responsible for most of the active exploitation of two ...

Threat intelligence firm GreyNoise said it recorded 417 exploitation sessions from 8 unique source IP addresses between ...

A previously published patch left a gaping hole that crooks will happily exploit.

CISA has expanded its KEV catalog with new SolarWinds, Notepad++, and Apple flaws, including two exploited as zero-days.

It's time to phase out the "patch and pray" approach, eliminate needless public interfaces, and enforce authentication ...

Microsoft has patched the Windows Notepad remote code execution vulnerability CVE-2026-20841, warning users to install February 2026 updates to block exploits.

BeyondTrust fixes CVSS 9.9 pre-auth RCE flaw (CVE-2026-1731) in Remote Support and PRA; 11,000 instances exposed.

A spear-phishing campaign by North Korean actors is abusing a legitimate feature of Microsoft Visual Studio (VS) Code to gain full remote control of targeted systems. In the campaign, discovered by ...