Business-grade email server software SmarterMail just patched a maximum-severity vulnerability that allowed threat actors to ...

Threat intelligence company GreyNoise warns that a critical PHP remote code execution vulnerability that impacts Windows systems is now under mass exploitation. Tracked as CVE-2024-4577, this PHP-CGI ...

An unauthenticated user can execute the attack, and there’s no mitigation, just a hotfix that should be applied immediately. A maximum severity remote code execution vulnerability in Hewlett Packard ...

Singapore’s CSA warns of a CVSS 10.0 SmarterMail vulnerability allowing unauthenticated remote code execution via file upload ...

Windows Server 2025 is currently open to a Remote Code Execution exploit via the Windows Update Service, and at the time of this writing a fix from Microsoft has yet to fully patch the issue. Reports ...

Critical n8n flaw CVE-2025-68613 (CVSS 9.9) lets authenticated users run arbitrary code; versions 0.211.0–1.120.4 affected, ...

Executive Overview Over the past week, global threat activity has highlighted a critical reality: modern cyber attacks are faster, more coordinated, and increasingly industrialized. From mass ...

Over the weekend, Google's threat intelligence team linked five more Chinese hacking groups to attacks exploiting the maximum-severity "React2Shell" remote code execution vulnerability. Tracked as CVE ...

Security researchers found dozens of flaws in Apple's AirPlay protocol Some of them allowed remote code execution attacks Apple has released patches addressing the flaws Apple’s AirPlay Protocol and ...

Vulnerabilities in the contact center solution can result in authentication bypass and remote code execution. The networking company also warned of new attacks on previously patched firewall products.

Two critical vulnerabilities were identified in the WP Travel Engine, travel booking plugin for WordPress that’s installed on more than 20,000 websites. Both vulnerabilities enable unauthenticated ...