An unauthenticated user can execute the attack, and there’s no mitigation, just a hotfix that should be applied immediately.

ESET researchers provide a comprehensive analysis and assessment of a critical severity vulnerability with low likelihood of ...

Newly disclosed vulnerability already being abused, users urged to lock down exposed firewalls WatchGuard is in emergency ...

Windows Server 2025 is currently open to a Remote Code Execution exploit via the Windows Update Service, and at the time of this writing a fix from Microsoft has yet to fully patch the issue. Reports ...

Enterprises relying on Gladinet’s file-sharing services are faced with another round of zero-day patching, this time to block attackers from abusing cryptographic keys directly baked into its ...

An unpatched zero-day vulnerability in Gogs, a popular self-hosted Git service, has enabled attackers to gain remote code execution on Internet-facing instances and compromise hundreds of servers.

Over 660,000 exposed Rsync servers are potentially vulnerable to six new vulnerabilities, including a critical-severity heap-buffer overflow flaw that allows remote code execution on servers. Rsync is ...

Half of the internet-facing systems vulnerable to a fast-moving React remote code execution flaw remain unpatched, even as exploitation has exploded into more than a dozen active attack clusters ...

WatchGuard warns that the critical Firebox vulnerability CVE-2025-14733 has been exploited in attacks for remote code ...

A new report out today from artificial intelligence security startup Cyata Security Ltd. details a critical remote code ...

Hundreds of e-commerce sites, at least one owned by a large multinational company, were backdoored by malware that executes malicious code inside the browsers of visitors, where it can steal payment ...