Microsoft patches CVE-2026-20841, a high-severity Windows Notepad flaw that could allow code execution via malicious Markdown ...

A critical vulnerability in Grandstream GXP1600 series VoIP phones allows a remote, unauthenticated attacker to gain root privileges and silently eavesdrop on communications.

Barracuda is not the only company sounding the alarm on broken firewalls, as recent research from Sophos also showed that ...

Exploitation of two recently patched Ivanti Endpoint Manager Mobile (EPMM) vulnerabilities, which had been zero-days, has surged.

Three of the four vulnerabilities remained unpatched months after OX Security reported them to the maintainers.

Background In March 2025, cybersecurity researchers disclosed a highly sophisticated targeted attack campaign named “Operation ForumTroll.” Orchestrated by an unidentified state-sponsored APT group, ...

Google has issued a patch for a high-severity flaw that has been actively exploited in the wild—the first Chrome zero-day in ...

CleanTalk WordPress plugin vulnerability affecting up to 200,000 sites could lead to remote code execution by unauthenticated attackers.

If you have disabled automatic updates, make sure to open Chrome, click the three dots in the top-right corner, and navigate to Help - About Google Chrome. On this page, the browser will automatically ...

Outlook add-in phishing, Chrome and Apple zero-days, BeyondTrust RCE, cloud botnets, AI-driven threats, ransomware activity, and critical CVEs.