Vulnerabilities in Anthropic’s Claude Code tool could have allowed attackers to silently gain control of a developer’s computer.

Gambit Security has emerged from stealth mode with $61 million in funding to help organizations improve resilience.

Zyxel has patched a critical-severity OS command execution vulnerability that is remotely exploitable via crafted UPnP requests.

Google has disrupted a significant China-linked cyberespionage campaign targeting telecoms and government organizations ...

The US has sanctioned Operation Zero, a Russian exploit broker that bought zero-days from a now jailed US defense contractor executive.

TrendAI announced patches for vulnerabilities found in the Windows and macOS versions of the Apex One endpoint security ...

Patches were released for a Cisco Catalyst SD-WAN zero-day exploited in the wild to bypass authentication and gain administrative privileges.

More than half (56%) of the 400,000 vulnerabilities IBM X-Force tracked in 2025 required no authentication before ...

SolarWinds has patched four critical-severity remote code execution vulnerabilities in the Serv-U enterprise file transfer product.

UFP Technologies disclosed a cybersecurity incident that involved the theft of files and the disruption of some IT systems.

Former US defense contractor executive Peter Williams was sentenced to prison for selling exploits to a Russian cyber-tools broker.

The ShinyHunters extortion group claimed the theft of personal information of 12.5 million people from the automotive firm CarGurus.