Critical Apple Flaw Exploited in ‘Sophisticated’ Attacks, Company Urges Rapid Patching

Apple urges users to update after patching CVE-2026-20700, a zero-day flaw exploited in sophisticated targeted attacks across multiple devices.
TechJuice

Critical WordPress Plugin Flaw Exposes 900,000+ Sites to Remote Code Execution

A critical remote code execution flaw in the WPvivid Backup & Migration WordPress plugin puts over 900,000 sites at risk unless patched.
SecurityWeek

Apple Patches iOS Zero-Day Exploited in ‘Extremely Sophisticated Attack’

Apple has patched CVE-2026-20700, a dyld code execution vulnerability exploited in an extremely sophisticated attack.
CSOonline

Cursor’s autorun lets hackers execute arbitrary code

Oasis Security has uncovered a flaw in the widely used AI-powered code editor Cursor that lets malicious repositories silently execute code the moment a developer opens them. According to a disclosure ...
The Hacker News

Fortinet Patches Critical SQLi Flaw Enabling Unauthenticated Code Execution

Fortinet fixes critical FortiClientEMS SQL injection flaw (CVSS 9.1) enabling code execution; separate SSO bug actively ...

10K Claude Desktop Users Exposed by Zero-Click Vulnerability

A zero-click flaw in Anthropic’s Claude Desktop Extensions allows attackers to trigger remote code execution via Google ...
The Hacker News

Apple Fixes Exploited Zero-Day Affecting iOS, macOS, and Other Devices

Apple releases security updates fixing exploited dyld zero-day CVE-2026-20700 enabling code execution across iOS, macOS, and Apple devices.