A new vulnerability has been discovered in the R programming language that allows arbitrary code execution upon deserializing specially crafted RDS and RDX files. R is an open-source programming ...

Google has released an emergency update to patch an actively exploited zero-day—the first Chrome zero-day of the year.

The research team at SonicWall Capture Labs has discovered a remote code execution vulnerability in the Atlassian Confluence Data Center and Server. The vulnerability, identified as CVE-2024-21683, ...

Computers connected to networks are constantly threatened by attackers who seek to exploit vulnerabilities wherever they can find them. This risk is particularly high for machines connected to the ...

A critical zero-click flaw in Claude Desktop Extensions allows remote code execution via calendar invites, risking over ...

A new zero-day vulnerability in Citrix’s Session Recording Manager can be exploited to enable unauthenticated remote code execution (RCE) against Citrix Virtual Apps and Desktops, according to ...

Git has patched two critical severity security vulnerabilities that could allow attackers to execute arbitrary code after successfully exploiting heap-based buffer overflow weaknesses. A third Windows ...

LastPass bills itself as a way to simplify your life by storing all your passwords and account details in one place. However, it's looking a little less convenient now, as the service deals with its ...

A research team at data security platform Cyera has discovered a critical vulnerability in n8n, a no-code workflow automation tool, called ' Ni8mare ( CVE-2026-21858 ...

Attackers can abuse VS Code configuration files for RCE when a GitHub Codespaces user opens a repository or pull request.

[Ed. note, Nov. 12 at 12:30 p.m. ET: Citrix has now issued patches for the issue and assigned CVE-2024-8068/CVE-2024-8069 for tracking.] An unpatched zero-day ...