A critical sandbox escape vulnerability in Grist-Core has been disclosed that allows remote code execution (RCE) through a ...

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.

ClickFix uses fake CAPTCHAs and a signed Microsoft App-V script to deploy Amatera stealer on enterprise Windows systems.

January 2026 was a wake-up month for enterprise security teams. In a single week, CERT-In released three high-severity ...

Nonprofit security organization Shadowserver has found over 6,000 SmarterMail servers exposed online and likely vulnerable to attacks exploiting a critical authentication bypass vulnerability.

A new ransomware strain that entered the scene last year has poorly designed code and an odd "Hebrew" identity that might be ...

Anura identified and successfully mitigated a new form of Sophisticated Invalid Traffic (SIVT) that uses artificial ...

While telnet is considered obsolete, the network protocol is still used by hundreds of thousands of legacy systems and IoT ...

CISA has added to the KEV catalog two Linux vulnerabilities leading to privilege escalation and authentication bypass via ...

The massively hyped agentic personal assistant has security experts wondering why anyone would install it Security concerns ...

Cybersecurity researchers have raised red flags about a new artificial intelligence personal assistant called Clawdbot, ...

The hype around the exploits of centralized digital asset exchanges (CEX) and democratized digital asset exchanges (DEX) ...