A remote code execution vulnerability in Spring Framework has sparked fears that it could have a widespread impact across enterprise environments. Spring is one of the most popular open-source ...

Threat actors began targeting a recently patched BeyondTrust vulnerability shortly after a proof-of-concept (PoC) exploit was released.

Hackers are attempting to leverage a recently fixed critical vulnerability (CVE-2023-50164) in Apache Struts that leads to remote code execution, in attacks that rely on publicly available ...

A proof-of-concept for CVE-2023-21716, a critical vulnerability in Microsoft Word that allows remote code execution, has been published over the weekend. The vulnerability was assigned a 9.8 out of 10 ...

Learn how CVE-2026-1281 and CVE-2026-1340 enable pre-auth RCE in Ivanti EPMM, now actively exploited, and how AppTrana helps block attacks across applications. The post CVE-2026-1281 & CVE-2026-1340: ...

The research team at SonicWall Capture Labs has discovered a remote code execution vulnerability in the Atlassian Confluence Data Center and Server. The vulnerability, identified as CVE-2024-21683, ...

ESET researchers discovered a code execution vulnerability in WPS Office for Windows (CVE⁠-⁠2024⁠-⁠7262), as it was being exploited by APT-C-60, a South Korea-aligned cyberespionage group. Upon ...

EngFlow, the well-funded build acceleration startup, today announced that it has invested in tipi.build. With this, EngFlow is teaming up with tipi to extend its services beyond support for build ...