More results...
A critical zero-day vulnerability has been disclosed in the Gemini MCP Tool, enabling unauthenticated remote attackers to execute arbitrary code on vulnerable installations without requiring user interaction or authentication. The vulnerability, tracke…
A high command injection vulnerability has been discovered in TP-Link’s Archer MR600 v5 router, enabling authenticated attackers to execute arbitrary system commands through the device’s admin interface. The flaw, tracked as CVE-2025-14756,…
WhatsApp has unveiled Strict Account Settings, an advanced security feature designed to shield high-risk users from sophisticated cyber threats and targeted attacks. The lockdown-style protection mechanism provides enhanced safeguards for journalists, …
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical advisory alerting the public to heightened risks of malicious cyber activity targeting disaster victims. As natural disasters strike communities, threat actors capitalize…
A critical vulnerability in the vm2 JavaScript sandbox library (versions ≤ 3.10.0) enables attackers to bypass sandbox protections and execute arbitrary code with full system privileges. The flaw exploits improper sanitization of Promise callback funct…
Approximately 6,000 vulnerable SmarterTools SmarterMail installations globally are all exposed to an actively exploited remote code execution vulnerability. The vulnerability, tracked as CVE-2026-23760, poses an immediate threat to organisations relyin…
A class-action lawsuit filed in San Francisco federal court accuses Meta Platforms of systematically misleading billions of WhatsApp users about the protection of their messages. The complaint alleges that despite marketing claims of unbreakable end-to…
A proof-of-concept exploit for CVE-2026-24061, a critical remote code execution vulnerability in the GNU Inetutils telnetd, has surfaced, with security researchers warning that over 800,000 vulnerable instances remain publicly accessible on the interne…
A server-side vulnerability in Instagram that allegedly allowed completely unauthenticated access to private account posts. This raises concerns about Meta’s vulnerability disclosure handling and the effectiveness of compensatory controls protect…
Microsoft has released two critical out-of-band (OOB) security patches targeting widespread issues affecting Windows 11 users following January’s monthly security updates. The emergency patches, KB5078127 and KB5078132, address severe file system…