More results...
A sophisticated supply chain attack compromised Aqua Security’s popular open-source Trivy vulnerability scanner. Threat actors successfully distributed malicious code through the project’s GitHub Actions, targeting deployment pipelines to silentl…
Citrix has fixed two vulnerabilities in NetScaler ADC and NetScaler Gateway, with the more serious flaw (CVE-2026-3055) potentially allowing attackers to extract active session tokens from the memory of affected devices. Anil Shetty, senior VP of Engin…
The software refresh fixes eight memory safety bugs affecting seven Chrome components.
The post Chrome 146 Update Patches High-Severity Vulnerabilities appeared first on SecurityWeek.
Security researcher Aleksandr Zhurnakov from PT Security has discovered a critical exploit chain in Dell Wyse Management Suite. By combining seemingly minor logic flaws, an attacker can achieve unauthenticated remote code execution. This attack targets…
An out-of-bounds read vulnerability can be exploited remotely without authentication to read sensitive information from memory.
The post Critical Citrix NetScaler Vulnerability Poised for Exploitation, Security Firms Warn appeared first on SecurityWeek.
TP-Link recently published a critical security advisory addressing four high-severity vulnerabilities in its Archer series routers. The flaws impact the Archer NX200, NX210, NX500, and NX600 models. If successfully exploited, these vulnerabilities enab…
Roundcube Webmail, a widely deployed open-source webmail interface, has released an urgent security update to address multiple critical vulnerabilities. The new stable release, version 1.6.14, patches eight distinct security flaws reported by independe…
Cloud Software Group has published a critical security bulletin addressing two significant vulnerabilities in customer-managed NetScaler ADC and NetScaler Gateway deployments. These flaws, tracked as CVE-2026-3055 and CVE-2026-4368, could allow attacke…
Google has released a crucial security update for its Chrome browser, addressing eight high-severity vulnerabilities. Users are strongly advised to update their browsers immediately to protect their systems from potential remote code execution attacks….
The flaws could allow attackers to access sensitive information, execute code, or cause unexpected behavior.
The post QNAP Patches Four Vulnerabilities Exploited at Pwn2Own appeared first on SecurityWeek.