Claude Code flaws allow remote code execution and API key theft via untrusted repositories; three bugs fixed across 2025–2026 releases.

Broadcom has released patches for several vulnerabilities affecting VMware Aria Operations, including high-severity flaws.

Researchers from Microsoft have demonstrated how programmable logic controllers (PLCs) that support the CODESYS runtime can be taken over by exploiting high-severity remote code execution (RCE) ...

Critical CVE-2026-2329 flaw in Grandstream GXP1600 VoIP phones enables unauthenticated RCE, call interception, and credential ...

Threat actors began targeting a recently patched BeyondTrust vulnerability shortly after a proof-of-concept (PoC) exploit was released.

LastPass bills itself as a way to simplify your life by storing all your passwords and account details in one place. However, it's looking a little less convenient now, as the service deals with its ...

A critical vulnerability (CVE-2024-27198) in the TeamCity On-Premises CI/CD solution from JetBrains can let a remote unauthenticated attacker take control of the server with administrative permissions ...

Horizon3 security researchers have released proof-of-concept (PoC) code for a VMware vRealize Log Insight vulnerability chain that allows attackers to gain remote code execution on unpatched ...

It has been a very long time since the average computer user thought about .cue files, or cue sheets, the metadata bits that describe the tracks of an optical disc, like a CD or DVD. But cue sheets ...