Some 45,000 Internet-exposed Jenkins servers remain unpatched against a critical, recently disclosed arbitrary file-read vulnerability for which proof-of-exploit code is now publicly available.

Networking hardware maker DrayTek released an advisory to warn about a security vulnerability in several Vigor router models that could allow remote, unauthenticated actors to execute perform ...

Update 4/9/24: Added information on two zero-day vulnerabilities that Microsoft did not initially mark as exploited. Today is Microsoft's April 2024 Patch Tuesday, which includes security updates for ...