Fortinet has fixed nine vulnerabilities, including high-severity command execution and authentication bypass flaws.

Apple has pushed an urgent software update to its massive global iPhone user base after security researchers identified critical flaws in WebKit, the engine that powers Safari and nearly every browser ...

Security issue impacts Firefox web browser and Thunderbird email client, potentially enabling attackers to execute arbitrary ...

Three of the four vulnerabilities remained unpatched months after OX Security reported them to the maintainers.

A zero-click flaw in Anthropic’s Claude Desktop Extensions allows attackers to trigger remote code execution via Google ...

Background In March 2025, cybersecurity researchers disclosed a highly sophisticated targeted attack campaign named “Operation ForumTroll.” Orchestrated by an unidentified state-sponsored APT group, ...

Google released a Chrome security update fixing two high-severity flaws that could enable code execution or crashes via malicious websites.

Google released an emergency Chrome update on Friday to patch a zero-day vulnerability that has been exploited in the wild.

Fortinet fixes critical FortiClientEMS SQL injection flaw (CVSS 9.1) enabling code execution; separate SSO bug actively exploited.

A critical remote code execution flaw in the WPvivid Backup & Migration WordPress plugin puts over 900,000 sites at risk unless patched.

PandasAI, an open source project by SinaptikAI, has been found vulnerable to Prompt Injection attacks. An attacker with access to the chat prompt can craft malicious input that is interpreted as code, ...

A critical vulnerability in the WPvivid Backup & Migration plugin for WordPress, installed on more than 900,000 websites, can be exploited to achieve remote code execution by uploading arbitrary files ...