F5 has reclassified a BIG-IP APM denial-of-service (DoS) vulnerability as a critical-severity remote code execution (RCE) flaw, warning that attackers are exploiting it to deploy webshells on ...

Threat actors are exploiting CVE-2025-53521, a critical F5 BIG-IP vulnerability that has been reclassified as a remote code execution issue.

A report has confirmed that a highly sophisticated, full-chain exploit kit internally known as DarkSword has been publicly ...

An exploit kit known as Coruna has appeared on GitHub, bundling working attack code for several Apple iOS vulnerabilities ...

Thousands of sites running WordPress remain unpatched against a critical security flaw in a widely used plugin that was being actively exploited in attacks that allow for unauthenticated execution of ...

CVE-2025-32975 exploited since March 2026 on unpatched KACE SMA systems, enabling admin takeover and payload delivery.

A vulnerability in Microsoft’s SharePoint server software was exploited by hackers to carry out “active attacks” globally on various entities, including businesses and U.S. federal agencies, prompting ...

Google has confirmed an emergency Chrome security update amid reports that attackers are exploiting two zero-day ...

As a new hacking exploit kit affecting millions of iPhones becomes public, the U.S. Cybersecurity and Infrastructure Security ...

Researchers have developed Metaphor, a “fast, reliable, and stealthy” exploit for the Stagefright vulnerability that can affect millions of Android devices. Whether or not the attack becomes widely ...

Volt Typhoon Hackers Exploit Zero-Day Vulnerability in Versa Director Servers Used by MSPs, ISPs Your email has been sent Volt Typhoon, a Chinese state-sponsored hacking group, has been caught ...

Ubiquiti has patched two vulnerabilities in the UniFi Network Application, including a maximum-severity flaw that may allow ...