A critical zero-day vulnerability in Microsoft SharePoint is being exploited in the wild right now, and more than 1,300 servers remain exposed to the public internet with no patch applied. The flaw, ...

A single rewrite rule, the kind pasted into NGINX configurations thousands of times a day, can hand an unauthenticated ...

A critical vulnerability affecting certain configurations of the Exim open-source mail transfer agent could be exploited by ...

Critical flaws affecting core components and extensions in PostgreSQL and MariaDB could allow remote code execution. The bugs ...

In a nutshell: Microsoft's June 2024 Patch Tuesday Windows 10 and 11 updates fix 51 security flaws, including a Wi-Fi vulnerability that enables remote code execution. Despite its low threat rating, ...

Ivanti warned customers today to patch their Ivanti Endpoint Manager Mobile (EPMM) software against two security vulnerabilities chained in attacks to gain remote code execution. "Ivanti has released ...

Hackers are exploiting yet another vulnerability in one of Ivanti’s widely used enterprise products, the U.S. government’s cybersecurity agency CISA warned in a fresh alert this week. The remote code ...

Enterprises relying on Gladinet’s file-sharing services are faced with another round of zero-day patching, this time to block attackers from abusing cryptographic keys directly baked into its ...

This week, Oligo has announced the AirBorne series of vulnerabilities in the Apple Airdrop protocol and SDK. This is a particularly serious set of issues, and notably affects MacOS desktops and ...

To protect the Pixel modem from zero-day attacks, Google focused on the DNS parser. As cellular features have migrated to data networks, DNS has become a core part of how phones work. Google explains ...