MetInfo CMS flaw CVE-2026-29014 exploited after April 7 patch, enabling remote code execution and targeting 2,000 instances.

Publicly released exploit code for an effectively unpatched vulnerability that gives root access to virtually all releases of ...

With a hunch, and an hour of AI-assisted scanning, cybersecurity researchers identified and then figured out how to exploit a ...

A security researcher frustrated with Microsoft has released the BlueHammer Windows zero-day exploit, telling the company, “I ...

GitHub has patched a high-severity remote code execution vulnerability that allowed anyone with push access to a private ...

Industrialized cybercrime delivers attacks with greater scale, speed and success. Defenders must match this with use of AI ...

CVE-2026-3854 (CVSS 8.7) enabled GitHub RCE via git push, risking cross-tenant access to millions of repositories.

A proof-of-concept (PoC) exploit for CVE-2024-29847, a critical remote code execution (RCE) vulnerability in Ivanti Endpoint Manager, is now publicly released, making it crucial to update devices. The ...

Researchers have discovered malicious code circulating in the wild that hijacks the earliest stage boot process of Linux devices by exploiting a year-old firmware vulnerability when it remains ...

An attacker used a Morse code message to trick Grok and Bankrbot—AI agents with wallet control—into transferring DRB tokens on the Base network. The exploit involved gifting Grok an NFT that expanded ...

TL;DR: WinRAR has a critical security vulnerability (CVE-2025-6218) allowing remote code execution via directory traversal in Windows versions. This exploit risks sensitive data and system integrity.

DeFi came under fresh pressure after the KelpDAO exploit triggered a sharp shock across Aave and revived fears around contagion, bad debt, and operational risk.