A six-month investigation into AI-assisted development tools has uncovered over thirty security vulnerabilities that allow data exfiltration and, in some cases, remote code execution.

An unauthenticated user can execute the attack, and there’s no mitigation, just a hotfix that should be applied immediately.

Newly disclosed vulnerability already being abused, users urged to lock down exposed firewalls WatchGuard is in emergency ...

Windows Server 2025 is currently open to a Remote Code Execution exploit via the Windows Update Service, and at the time of this writing a fix from Microsoft has yet to fully patch the issue. Reports ...

WatchGuard warns that the critical Firebox vulnerability CVE-2025-14733 has been exploited in attacks for remote code ...

A new report out today from artificial intelligence security startup Cyata Security Ltd. details a critical remote code ...

Static AES keys are enabling attackers to decrypt access tokens and reach remote code execution, triggering urgent patch ...

ESET researchers provide a comprehensive analysis and assessment of a critical severity vulnerability with low likelihood of ...

An unpatched zero-day vulnerability in Gogs, a popular self-hosted Git service, has enabled attackers to gain remote code execution on Internet-facing instances and compromise hundreds of servers.

Half of the internet-facing systems vulnerable to a fast-moving React remote code execution flaw remain unpatched, even as exploitation has exploded into more than a dozen active attack clusters ...

Hundreds of e-commerce sites, at least one owned by a large multinational company, were backdoored by malware that executes malicious code inside the browsers of visitors, where it can steal payment ...