The ImunifyAV malware scanner for Linux server, used by tens of millions of websites, is vulnerable to a remote code ...

Governments and private security sleuths warned that attackers are already exploiting a critical bug in Microsoft Windows Server Update Services, shortly after ...

Attackers are taking advantage of a vulnerability in Cisco’s Simple Network Management Protocol (SNMP), which allows malicious rootkits to be installed on network hardware. According to findings from ...

In light of new memory safety features added to Apple’s latest iPhone chips that make entire classes of exploits harder to pull off, the company has revamped its bug bounty program to double or ...

A command injection vulnerability was found in the figma-developer-mcp Model Context Protocol (MCP) server. The flaw could allow attackers to run arbitrary system commands and achieve remote code ...

After being alerted to the vulnerability by WhatsApp and the security teams at Meta, Samsung has scurried to fix a critical zero-day vulnerability that was actively being used by hackers in targeting ...

Nearly half a year since its patch was released, few vendors and no manufacturers have fixed a zero-click vulnerability in Apple CarPlay. On April 29, researchers from Oligo Security disclosed a ...

Data backup and replication specialist Commvault has issued patches covering off four vulnerabilities in its core software product that, left unaddressed, could be combined to achieve two distinct ...

Cisco users are urgently advised to update their firewall command center in light of a remote code execution (RCE) vulnerability. According to a "critical"-level alert issued last week, Cisco’s Secure ...

A new exploit combining two critical, now-patched security flaws in SAP NetWeaver has emerged in the wild, putting organizations at risk of system compromise and data theft. The exploit in question ...

A new public exploit chains two critical flaws in SAP NetWeaver, exposing unpatched instances to code execution attacks. Dozens of SAP NetWeaver instances are susceptible to compromise after a threat ...

Fortinet is warning about a remote unauthenticated command injection flaw in FortiSIEM that has in-the-wild exploit code, making it critical for admins to apply the latest security updates. FortiSIEM ...