"Attackers are leveraging the unauthenticated command injection in ICTBroadcast via the BROADCAST cookie to gain remote code ...

A vulnerability in the popular gaming and application editor Unity can allow attackers to load arbitrary libraries and ...

According to Microsoft's investigation, the attack chain started when users were tricked into visiting exploitative websites.

Update Chromium-based browsers to the patched Chrome/Edge/Opera builds and relaunch them. A non-updated browser stays ...

The Redis security team has issued a warning to system administrators and cloud infrastructure providers after discovering a ...

Apple announced significant updates to its bug bounty program and the company is now offering up to $2 million for complex exploit chains.

Two recently discovered security flaws could make 7-Zip a serious risk to data and system security. These bugs had been known internally for months, and 7-Zip ...

Apple's iPhone has failed the security smell test. Researchers at Security Evaluators have found what is believed to be the first remote code execution flaw affecting the device -- a bug that can be ...

Proof-of-concept exploit code is now available for a pre-authentication remote code execution (RCE) vulnerability allowing attackers to execute arbitrary code remotely with root privileges on ...

Researchers found four vulnerabilities in vRealize Log Insight that were relatively non-threatening on their own but lead to significant compromise when used together. VMware published patches last ...

Researchers from Microsoft have demonstrated how programmable logic controllers (PLCs) that support the CODESYS runtime can be taken over by exploiting high-severity remote code execution (RCE) ...

A critical code execution zero-day in all supported versions of Windows has been under active exploit for seven weeks, giving attackers a reliable means for installing malware without triggering ...