More results...
A critical “zero-click” vulnerability in Claude Desktop Extensions (DXT) that allows attackers to compromise a computer using nothing more than a Google Calendar event. The flaw, which has been assigned a maximum severity score of CVSS 10/1…
Threat actors are actively exploiting critical vulnerabilities in SolarWinds Web Help Desk (WHD) to deploy custom malware and establish persistent remote control. Security researchers observed these attacks starting on February 7, 2026, targeting organ…
A critical security vulnerability has been discovered in Fortinet’s FortiClient EMS (Endpoint Management Server), potentially exposing organizations to remote code execution attacks. The flaw, tracked as CVE-2026-21643, was disclosed on February …
BeyondTrust has issued an urgent security advisory regarding a critical zero-day vulnerability affecting its popular remote access solutions. The flaw, tracked as CVE-2026-1731, carries a near-maximum severity score of 9.9 out of 10 on the CVSSv4 scale…
Anthropic has released Claude Opus 4.6, marking a significant leap in the defensive application of artificial intelligence. Released yesterday, the model has already identified and validated over 500 high-severity “zero-day” vulnerabilities…
F5 released its Quarterly Security Notification, addressing multiple security flaws across its product ecosystem. While F5 classifies the primary vulnerabilities as “Medium” severity under their internal policy, the updated CVSS v4.0 scorin…
The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical security flaw affecting the React Native Community CLI to its Known Exploited Vulnerabilities (KEV) catalog. Identified as CVE-2025-11953, this vulnerability is…
A critical security flaw has been identified in CentOS 9 that allows a local user to escalate their privileges to root. The vulnerability, which stems from a Use-After-Free (UAF) condition in the Linux kernel’s networking subsystem, was awarded f…
The Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity vulnerability affecting SmarterTools SmarterMail to its Known Exploited Vulnerabilities (KEV) catalog. Tracked as CVE-2026-24423, this flaw is actively being weaponiz…
n8n has released urgent security updates to address a critical vulnerability that exposes host systems to Remote Code Execution (RCE). Tracked as CVE-2026-25049, this flaw allows authenticated attackers to escape the expression evaluation sandbox and e…