Open source Git service Gogs is affected by a critical-severity zero-day vulnerability that exposes servers to remote code execution.

CISA warned today that a critical Ivanti vulnerability that can let threat actors gain remote code execution on vulnerable Endpoint Manager (EPM) appliances is now actively exploited in attacks.

Google has accidentally leaked details about an unfixed issue in Chromium that keeps JavaScript running in the background ...

A critical security vulnerability has been disclosed in Gogs, a popular open-source self-hosted Git service, that allows an ...

Ivanti has released emergency patches for its Endpoint Manager Mobile platform after confirming that attackers exploited a previously unknown vulnerability to execute code remotely on targeted servers ...

Microsoft has disclosed that a privilege escalation and a denial-of-service flaw in Defender has come under active ...

A team of security researchers chained two vulnerabilities in LiteLLM, the popular open-source proxy that routes enterprise ...

An authentication bypass vulnerability in the printers, hardcoded at the factory, can be chained with another flaw for remote code execution on affected devices. Brother Industries is grappling with a ...

Windows Server 2025 is currently open to a Remote Code Execution exploit via the Windows Update Service, and at the time of this writing a fix from Microsoft has yet to fully patch the issue. Reports ...

Attackers can exploit several security vulnerabilities in IBM HTTP Server, License Metric Tool, and WebSphere Application Server. Patches provide a remedy.

GitHub, the world's biggest code repository and DevOps platform, fell victim to a malicious Visual Studio Code (VS Code) ...

The latest Microsoft Patch Tuesday rollout featured no zero-days. However, an angry hacker has just dropped two new 0-day exploits targeting Windows users.