Oracle issued emergency guidance for CVE-2026-35273, a critical PeopleSoft flaw exploited in a ShinyHunters-linked campaign targeting universities.
CISA warned on Wednesday that attackers have begun exploiting a high-severity Microsoft SharePoint remote code execution ...
Veeam has released security updates to patch a critical Backup & Replication security flaw that can be exploited to gain remote code execution (RCE) on domain-joined backup servers. The vulnerability ...
CISA added CVE-2026-45659 SharePoint Server RCE to KEV following confirmed exploitation, requiring U.S. agencies to patch by ...
PixelSmash is a vulnerability in the FFmpeg framework that can be exploited via crafted media files for remote code execution ...
Research from JFrog into the software supply chain vulnerability points to the need for better visibility into applications, ...
A Microsoft Defender vulnerability tracked as BlueHammer and CVE-2026-33825 is being exploited in ransomware attacks ...
Researchers have discovered two vulnerabilities in the widely used Cursor AI-enabled integrated development environment (IDE) ...
Sysdig says JADEPUFFER used CVE-2025-3248 in Langflow to automate intrusion, credential theft, encryption, and data wipe.
A flaw in Hugging Face Transformers could allow malicious AI models to execute code, exposing credentials and highlighting AI supply chain risks.
Last Tuesday, Microsoft patched a vulnerability it rated as max critical in its M365 Copilot AI platform. On Monday, the researchers who discovered the vulnerability and reported it to Microsoft ...