"Attackers are leveraging the unauthenticated command injection in ICTBroadcast via the BROADCAST cookie to gain remote code ...

According to Microsoft's investigation, the attack chain started when users were tricked into visiting exploitative websites.

A vulnerability in the popular gaming and application editor Unity can allow attackers to load arbitrary libraries and ...

Update Chromium-based browsers to the patched Chrome/Edge/Opera builds and relaunch them. A non-updated browser stays ...

Apple announced significant updates to its bug bounty program and the company is now offering up to $2 million for complex exploit chains.

Code scanning tools analyze memory handling operations to spot insecure practices, such as unchecked array indices, unsafe copying functions, or insufficient buffer allocation. Preventing buffer ...

Apple's iPhone has failed the security smell test. Researchers at Security Evaluators have found what is believed to be the first remote code execution flaw affecting the device -- a bug that can be ...

Vietnam ranked second in Southeast Asia for the number of exploit-based cyberattacks during the first half of 2025, trailing ...

Proof-of-concept exploit code is now available for a pre-authentication remote code execution (RCE) vulnerability allowing attackers to execute arbitrary code remotely with root privileges on ...

Researchers found four vulnerabilities in vRealize Log Insight that were relatively non-threatening on their own but lead to significant compromise when used together. VMware published patches last ...

Researchers from Microsoft have demonstrated how programmable logic controllers (PLCs) that support the CODESYS runtime can be taken over by exploiting high-severity remote code execution (RCE) ...

A critical code execution zero-day in all supported versions of Windows has been under active exploit for seven weeks, giving attackers a reliable means for installing malware without triggering ...