Oracle released an out-of-band update for PeopleSoft to address CVE-2026-35273, a zero-day vulnerability likely exploited by ...

CISA’s new BOD 26-04 requires federal agencies to prioritize the remediation of vulnerabilities in the KEV catalog, based on ...

A PowerShell script included in patch files appears to be triggering false positives by multiple security engines.

Hackers are exploiting CVE-2026-5027, a high-severity path traversal issue in Langflow, for remote code execution.

GreatXML, a new Windows BitLocker bypass exploit, targets a zero-day vulnerability in Microsoft Defender’s offline scan.

OnyxC2 is a sophisticated malware-as-a-service platform that delivers stealthy credential theft, remote control, and ...

Splunk and Palo Alto Networks have released patches for critical and high-severity vulnerabilities across their products.

The University of Nottingham has confirmed a data breach after the ShinyHunters group leaked files stolen from the university ...

Microsoft’s latest Patch Tuesday updates resolve an actively exploited Exchange Server vulnerability tracked as ...

ServiceNow is informing customers that it has patched a vulnerability that appears to have been exploited by attackers.

A security researcher has released RoguePlanet, a Windows zero-day exploit leading to local privilege escalation to SYSTEM.

Vulnerabilities in widely deployed HVAC and UPS products used in data centers can be exploited for disruptive attacks.