Threat actors are exploiting a recently patched 7-Zip vulnerability that leads to remote code execution (RCE), NHS England ...

Apple's iPhone has failed the security smell test. Researchers at Security Evaluators have found what is believed to be the first remote code execution flaw affecting the device -- a bug that can be ...

WordPress plugin can be exploited to run PHP commands on the server by posting a comment that contains a malicious payload.

The issue impacts several content management systems, including Typo3 and WordPress, as well as widely-used PDF generation library TCPDF. Researchers have created a proof-of-concept exploit that would ...

Exploit code demonstrating a memory corruption bug in Microsoft's Edge web browser has been published today by the researcher that discovered and reported the vulnerability in the first place. The ...

Researchers found four vulnerabilities in vRealize Log Insight that were relatively non-threatening on their own but lead to significant compromise when used together. VMware published patches last ...

A popular Java library has a serious vulnerability, discovered over nine months ago, that continues to put thousands of Java applications and servers at risk of remote code execution attacks. The flaw ...

A critical code execution zero-day in all supported versions of Windows has been under active exploit for seven weeks, giving attackers a reliable means for installing malware without triggering ...

A zero day exploit (Firefox 3.5 Heap Spray Vulnerability) affecting Mozilla's latest Firefox release has been published in the wild. Through an error in the ...

Homeland Security’s cyber agency says it has tested a working exploit for the BlueKeep vulnerability, capable of achieving remote code execution on a vulnerable device. To date, most of the private ...

Attackers are actively exploiting a Windows zero-day vulnerability that can execute malicious code on fully updated systems, Microsoft warned on Monday. The font-parsing remote code-execution ...