CISA’s new BOD 26-04 requires federal agencies to prioritize the remediation of vulnerabilities in the KEV catalog, based on ...

Oracle released an out-of-band update for PeopleSoft to address CVE-2026-35273, a zero-day vulnerability likely exploited by ...

Splunk and Palo Alto Networks have released patches for critical and high-severity vulnerabilities across their products.

OnyxC2 is a sophisticated malware-as-a-service platform that delivers stealthy credential theft, remote control, and ...

Hackers are exploiting CVE-2026-5027, a high-severity path traversal issue in Langflow, for remote code execution.

A PowerShell script included in patch files appears to be triggering false positives by multiple security engines.

GreatXML, a new Windows BitLocker bypass exploit, targets a zero-day vulnerability in Microsoft Defender’s offline scan.

The University of Nottingham has confirmed a data breach after the ShinyHunters group leaked files stolen from the university ...

Microsoft’s latest Patch Tuesday updates resolve an actively exploited Exchange Server vulnerability tracked as ...

ServiceNow is informing customers that it has patched a vulnerability that appears to have been exploited by attackers.

Two OS command injection flaws can be exploited remotely, without authentication, for arbitrary code execution.

Vulnerabilities in widely deployed HVAC and UPS products used in data centers can be exploited for disruptive attacks.