Google confirms nation-state and cybercrime groups exploit a patched WinRAR flaw to gain persistence and deploy malware via ...

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.

Just yesterday, we noted the growing threat of ransomware. Now, Jamf Threat Labs is warning that North Korean threat actors ...

Vulnerabilities in Anthropic MCP server could be exploited via prompt injections to execute arbitrary code and read/delete arbitrary files.

Exploit code has been published for CVE-2025-64155, a critical command injection vulnerability affecting Fortinet FortiSIEM ...

CVE-2025-8088, a WinRAR vulnerability patched in July 2025, has been widely exploited by state-sponsored threat actors and cybercriminals.

Anthropic’s official Git MCP server hit by chained flaws that enable file access and code execution - SiliconANGLE ...

Fortinet patches a critical FortiSIEM vulnerability (CVE-2025-64155) that allows unauthenticated remote code execution via exposed phMonitor service.

January 2026 was a wake-up month for enterprise security teams. In a single week, CERT-In released three high-severity ...

The patched issues span core standard library components including archive/zip and net/http, as well as security-sensitive ...

Cisco patched a critical exploit affecting some of its communication-based products. Designated as CVE-2026-20045, the vulnerability allows bad actors to run arbitrary commands on an affected device’s ...

The critical-rated flaw leaves unpatched systems open to full takeover Cisco has finally shipped a fix for a critical-rated ...