Criminals have been spotted exploiting a new zero-day vulnerability in Gladinet CentreStack and Triofox file sharing servers that could allow them to re-create the conditions of an earlier flaw ...

TL;DR: WinRAR has a critical security vulnerability (CVE-2025-6218) allowing remote code execution via directory traversal in Windows versions. This exploit risks sensitive data and system integrity.

The exploit takes advantage of a known file upload vulnerability that was not efficiently patched and can still be exploited in up-to-date versions of Cleo LexiCom, VLTrader and Harmony products.

Analysis Finds 1% of Vulnerabilities Were Exploited in the Wild in 2025 and Identifies the 50 Most Routinely Targeted Flaws of Last Year VulnCheck, the exploit intelligence company, today released the ...

ESET researchers discovered a previously unknown vulnerability in Mozilla products, exploited in the wild by Russia-aligned group RomCom. This is at least the second time that RomCom has been caught ...

German software company SAP has finally disclosed and fixed a highly critical vulnerability in the NetWeaver Visual Composer development server after evidence of exploitation in the wild. NetWeaver ...

In a new proof-of-concept, endpoint security provider Morphisec showed that the Exploit Prediction Scoring System (EPSS), one of the most widely used frameworks for assessing vulnerability exploits, ...

Two different exploits for an unpatched Parallels Desktop privilege elevation vulnerability have been publicly disclosed, allowing users to gain root access on impacted Mac devices. Parallels Desktop ...