A newly disclosed FFmpeg flaw dubbed 'PixelSmash' could be exploited for remote code execution on Jellyfin servers under ...
A maximum severity vulnerability in the FreeScout helpdesk platform allows hackers to achieve remote code execution without any user interaction or authentication. The flaw is tracked as ...
An unauthenticated user can execute the attack, and there’s no mitigation, just a hotfix that should be applied immediately. A maximum severity remote code execution vulnerability in Hewlett Packard ...
Microsoft details AutoJack exploit chain targeting AutoGen Studio MCP WebSocket in pre-release builds, enabling ...
Microsoft disrupted StegoAd, a malicious browser extension campaign affecting up to 2.6 million users. StegoAd used hidden payloads, delayed execution and steganography to evade browser security ...
F5 fixes CVE-2026-42530 and CVE-2026-42055 in NGINX Open Source, addressing HTTP/3 and HTTP/2 flaws that could allow remote ...
Oracle warns of a PeopleSoft security bug abused by hackers to target 100+ companies, with universities hit hardest in 2026.