A disgruntled researcher released a second zero-day Windows Defender exploit, dubbed RedSun, shortly after Microsoft patched ...

Cisco patches four CVEs up to CVSS 9.9 in ISE and Webex, preventing code execution and user impersonation risks.

Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who ...

A critical vulnerability in the Ninja Forms File Uploads premium add-on for WordPress allows uploading arbitrary files ...

A critical pre-authentication remote code execution (RCE) vulnerability in Marimo is now under active exploitation, leveraged ...

An attacker has been using maliciously crafted PDF files to exploit a zero-day in Adobe Acrobat and Reader for at least four ...

The CVSS‑9.3 vulnerability allows unauthenticated remote code execution on exposed Marimo servers and was exploited in the wild shortly after disclosure, Sysdig says.

A researcher has come across what appears to be an actively exploited Adobe Acrobat and Reader zero-day vulnerability.

Its Mythos Preview model, which can allegedly find and exploit critical zero-days, also comes with certain controls, the ...

Microsoft fixes 167 bugs in April Patch Tuesday, including critical and zero-day vulnerabilities affecting Windows and Office ...

Over 1,000 exposed ComfyUI instances exploited via unauthenticated code execution, enabling Monero mining and botnet expansion.