Two critical n8n flaws (CVSS 9.4, 9.5) enable RCE via expression sandbox escape and public forms, risking credential exposure.

Veeam fixes 7 Backup & Replication flaws, including CVSS 9.9 RCE bugs, warning attackers may exploit unpatched systems.

TL;DR: WinRAR has a critical security vulnerability (CVE-2025-6218) allowing remote code execution via directory traversal in Windows versions. This exploit risks sensitive data and system integrity.

Threat actors are actively attempting to exploit a recently fixed Progress WhatsUp Gold remote code execution vulnerability on exposed servers for initial access to corporate networks. The ...

Researchers from Microsoft have demonstrated how programmable logic controllers (PLCs) that support the CODESYS runtime can be taken over by exploiting high-severity remote code execution (RCE) ...

Thousands of iPhones were compromised using the Coruna exploit kit, which chained 23 iOS vulnerabilities into advanced attacks used for espionage and cybercrime.

LastPass bills itself as a way to simplify your life by storing all your passwords and account details in one place. However, it's looking a little less convenient now, as the service deals with its ...

CISA warned today that a critical Ivanti vulnerability that can let threat actors gain remote code execution on vulnerable Endpoint Manager (EPM) appliances is now actively exploited in attacks.

Google and iVerify researchers say the case points to a thriving secondary market for high-end zero-day exploits.