A vulnerability in Apache HTTP Server’s HTTP/2 protocol handling now has working exploit code circulating among security ...

Ivanti has released an emergency patch for a zero-day vulnerability in its Endpoint Manager Mobile (EPMM) platform after ...

CVE-2026-3854 (CVSS 8.7) enabled GitHub RCE via git push, risking cross-tenant access to millions of repositories.

CVE-2026-44009 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via a null proto exception and permits an ...

Palo Alto Networks warned customers that suspected state-sponsored hackers have been exploiting a critical-severity PAN-OS ...

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...

Enterprises relying on Gladinet’s file-sharing services are faced with another round of zero-day patching, this time to block attackers from abusing cryptographic keys directly baked into its ...

Attackers could inject prompts into a GitHub issue and take over the AI agent designed to automatically triage the issue.

Google announced on Monday the release of an Android update patching a critical vulnerability that can be exploited for ...

Anthropic PBC’s official Git Model Context Protocol server has several security vulnerabilities that can lead to arbitrary file access and, in some scenarios, full remote code execution triggered ...

Deploying AI agents for repository-scale tasks like bug detection, patch verification, and code review requires overcoming significant technical hurdles. One major bottleneck: the need to set up ...

That gap is becoming increasingly visible in the latest wave of AI-driven code review tools. Multi-agent systems can now scan ...