Three proof-of-concept exploits are being used in active attacks against Microsoft's built-in security platform; two are ...

A new Mirai-based malware campaign is actively exploiting CVE-2025-29635, a high-severity command-injection vulnerability ...

Hackers have been unsuccessfully targeting CVE-2023-33538, a vulnerability in discontinued TP-Link routers, for a year.

FortiGuard Labs has identified a Mirai-based Nexcorium campaign actively exploiting CVE-2024-3721 in TBK DVR devices ...

A Linux variant of the GoGra backdoor uses legitimate Microsoft infrastructure, relying on an Outlook inbox for stealthy ...

CVE-2026-5752 CVSS 9.3 flaw in Terrarium enables root code execution via Pyodide prototype traversal, risking container ...

North Korea's Lazarus Group has launched advanced malware targeting macOS devices. Mach-O Man, as it is called, is designed ...

A surge in phishing emails lacking subject lines has been identified as part of a widespread campaign targeting high-value ...

Antigravity Strict Mode bypass disclosed Jan 7, 2026, patched Feb 28, enables arbitrary code execution via fd -X flag.

Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who ...

The CVSS‑9.3 vulnerability allows unauthenticated remote code execution on exposed Marimo servers and was exploited in the wild shortly after disclosure, Sysdig says.