SafeBreach researchers developed a zero-click PoC exploit that crashes unpatched Windows Servers using the Windows ...

An unpatched zero-day vulnerability in Gogs, a popular self-hosted Git service, has enabled attackers to gain remote code execution on Internet-facing instances and compromise hundreds of servers.

An unauthenticated user can execute the attack, and there’s no mitigation, just a hotfix that should be applied immediately.

WatchGuard has warned customers to patch a critical, actively exploited remote code execution (RCE) vulnerability in its ...

Static AES keys are enabling attackers to decrypt access tokens and reach remote code execution, triggering urgent patch ...

WatchGuard warns that the critical Firebox vulnerability CVE-2025-14733 has been exploited in attacks for remote code ...

HPE patched a critical OneView vulnerability with CVSS 10.0 that could allow unauthenticated remote code execution in ...

In the remote maintenance software Connectwise ScreenConnect, authenticated attackers can inject malicious code. An update is available.

Over the past week, enterprise security teams observed a combination of covert malware communication attempts and aggressive probing of publicly exposed infrastructure. These incidents, detected ...

A new report out today from artificial intelligence security startup Cyata Security Ltd. details a critical remote code ...

Yesterday, user @NSA_Employee39 allegedly posted a zero-day exploit for the popular open-source file decompression utility 7-Zip on Twitter, only to have 7-Zip author Igor Pavlov swiftly dismiss it as ...