Business-grade email server software SmarterMail just patched a maximum-severity vulnerability that allowed threat actors to ...

An unauthenticated user can execute the attack, and there’s no mitigation, just a hotfix that should be applied immediately. A maximum severity remote code execution vulnerability in Hewlett Packard ...

Over 115,000 WatchGuard Firebox devices exposed online remain unpatched against a critical remote code execution (RCE) vulnerability actively exploited in attacks.

Threat intelligence company GreyNoise warns that a critical PHP remote code execution vulnerability that impacts Windows systems is now under mass exploitation. Tracked as CVE-2024-4577, this PHP-CGI ...

Singapore’s CSA warns of a CVSS 10.0 SmarterMail vulnerability allowing unauthenticated remote code execution via file upload ...

Windows Server 2025 is currently open to a Remote Code Execution exploit via the Windows Update Service, and at the time of this writing a fix from Microsoft has yet to fully patch the issue. Reports ...

Critical n8n flaw CVE-2025-68613 (CVSS 9.9) lets authenticated users run arbitrary code; versions 0.211.0–1.120.4 affected, ...

Executive Overview Over the past week, global threat activity has highlighted a critical reality: modern cyber attacks are faster, more coordinated, and increasingly industrialized. From mass ...

Vulnerabilities in the contact center solution can result in authentication bypass and remote code execution. The networking company also warned of new attacks on previously patched firewall products.

Security researchers found dozens of flaws in Apple's AirPlay protocol Some of them allowed remote code execution attacks Apple has released patches addressing the flaws Apple’s AirPlay Protocol and ...

Two critical vulnerabilities were identified in the WP Travel Engine, travel booking plugin for WordPress that’s installed on more than 20,000 websites. Both vulnerabilities enable unauthenticated ...