NGINX is critically vulnerable: hackers can crash servers and run remote code with no authentication
A critical, 18-year-old vulnerability in the NGINX web server has been discovered, which allows unauthenticated attackers to ...
GitHub, the world's biggest code repository and DevOps platform, fell victim to a malicious Visual Studio Code (VS Code) ...
A critical vulnerability in the Erlang/OTP SSH, tracked as CVE-2025-32433, has been disclosed that allows for unauthenticated remote code execution on vulnerable devices. The flaw was discovered by ...
A critical vulnerability affecting certain configurations of the Exim open-source mail transfer agent could be exploited by ...
Morning Overview on MSN
Ivanti patches a high-severity zero-day in Endpoint Manager that gave attackers remote code execution in targeted attacks
Ivanti has released emergency patches for its Endpoint Manager Mobile platform after confirming that attackers exploited a ...
Morning Overview on MSN
LiteLLM just fell to a full-chain Pwn2Own exploit combining SSRF and code injection — researchers took full system control
A team of security researchers chained two vulnerabilities in LiteLLM, the popular open-source proxy that routes enterprise ...
The ChromaToast vulnerability can be exploited by forcing the ChromaDB API server to fetch and load maliciously crafted AI ...
Windows Server 2025 is currently open to a Remote Code Execution exploit via the Windows Update Service, and at the time of this writing a fix from Microsoft has yet to fully patch the issue. Reports ...
Exim has released security updates to address a severe security issue affecting certain configurations that could enable ...
The MiniPlasma exploit targets CVE-2020-17103, a Windows vulnerability that should have been patched in December 2020.
Results that may be inaccessible to you are currently showing.
Hide inaccessible results