The latest Data Breach Investigations Report from Verizon highlights a 34% increase in the use of vulnerability exploitation ...

The web shells grant the threat actor the ability to execute arbitrary commands in system context, with the privileges of the ...

Two vulnerabilities impacting Craft CMS were chained together in zero-day attacks to breach servers and steal data, with ...

When exploited, this flaw allows an unauthenticated actor to upload ZIP files and perform remote code execution (RCE), thus ...

Microsoft patches 12 critical flaws, but six have already been exploited by criminals. Kurt “CyberGuy" Knutsson says updating ...

Desired Effect provides an ethical vulnerability exchange marketplace to help defenders get ahead of attackers.

A critical vulnerability in the Erlang/OTP SSH, tracked as CVE-2025-32433, has been disclosed that allows for unauthenticated ...

The flaw, tracked as CV-2025-34028, could allow remote attackers to execute arbitrary code without authentication on affected ...

After a 180% rise in last year’s report, the exploitation of vulnerabilities continues to grow, now accounting for 20% of all breaches ...

Attackers can exploit two software vulnerabilities in IBM Hardware Management Console. One vulnerability is considered ...

Vulnerability exploitation, including attacks on network edge devices, has leapfrogged phishing to become a key factor in ...

Action1’s upgraded AEM platform now also features new advances in vulnerability analytics and exploit intelligence that ...