To exploit the vulnerability, an attacker would need either system access or be able to convince a user to open a malicious ...

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.

A critical Grist-Core flaw (CVE-2026-24002, CVSS 9.1) allows remote code execution through malicious formulas when Pyodide ...

January 2026 was a wake-up month for enterprise security teams. In a single week, CERT-In released three high-severity ...

Cisco patched a critical exploit affecting some of its communication-based products. Designated as CVE-2026-20045, the vulnerability allows bad actors to run arbitrary commands on an affected device’s ...

Patches are available for a critical vulnerability in Cisco's unified communications (UC) products, following detection of ...

Just yesterday, we noted the growing threat of ransomware. Now, Jamf Threat Labs is warning that North Korean threat actors ...

Microsoft has patched 112 vulnerabilities in January 2026, including CVE-2026-20805, a Desktop Window Manager zero-day that ...

A set of newly disclosed critical vulnerabilities in Fortinet products is raising serious cybersecurity concerns, with national CERT ...

Vulnerabilities in Anthropic MCP server could be exploited via prompt injections to execute arbitrary code and read/delete arbitrary files.

A flaw in the binary-parser npm package before version 2.3.0 lets attackers execute arbitrary JavaScript via unsanitized parser input.

Windows 11 includes multiple built-in security layers designed to protect your system from modern cyber threats. One such ...