The libssh2 library, which is widely used, contains a critical security vulnerability. A published proof-of-concept exploit ...

Google on Wednesday published exploit code for an unfixed vulnerability in its Chromium browser codebase that threatens millions of people using Chrome, Microsoft Edge, and virtually all other ...

Linux kernel privilege escalation exploit DirtyClone (CVE-2026-43503) is publicly documented: JFrog published a working attack walkthrough Thursday showing how any local user can gain root on ...

Security research firm Paradigm Shift today published details of a new BootROM vulnerability affecting Apple's A12 and A13 ...

Last Tuesday, Microsoft patched a vulnerability it rated as max critical in its M365 Copilot AI platform. On Monday, the ...

Paradigm Shift has published a working exploit for Apple's A12 and A13 SecureROM. The flaw is in hardware, so no patch will ...

A proof-of-concept (PoC) exploit for CVE-2024-29847, a critical remote code execution (RCE) vulnerability in Ivanti Endpoint Manager, is now publicly released, making it crucial to update devices. The ...

Update 4/16/24: Updated story with more information on how previous mitigations do not protect devices. Exploit code is now available for a maximum severity and actively exploited vulnerability in ...

Sysadmins have been urged to prioritize updating a new critical vulnerability in Fortinet’s FortiSIEM solution, as exploit code is currently circulating in the wild. Published on Tuesday, ...

The tech giant has provided a patch for the root escalation vulnerability, which affects a number of devices that run the Cisco Integrated Management Controller. Cisco disclosed a new high-severity ...