The flaw allows remote code execution via a public REST API, giving attackers a direct path to compromise enterprise ...

Security researchers at Sysdig have observed new campaigns exploiting React2Shell which appear to have the hallmarks of North Korean hackers. React2Shell is a remote code execution vulnerability in ...

Anthropic recently reported that attackers linked to China leveraged its Claude Code AI to carry out intrusions against about 30 global organizations. According to the San Francisco-based AI developer ...

The hack was one of the “most sophisticated” attacks so far in 2025, according to Deddy Lavid, CEO of blockchain security company Cyvers. The team behind decentralized finance (DeFi) protocol Balancer ...

DeFi protocol Balancer is the target of an ongoing exploit, with more than $116 million in staked Ether tokens transferred to a new wallet. Update Nov. 3, 10:42 am UTC: This article has been updated ...

Windows Server 2025 is currently open to a Remote Code Execution exploit via the Windows Update Service, and at the time of this writing a fix from Microsoft has yet to fully patch the issue. Reports ...

Governments and private security sleuths warned that attackers are already exploiting a critical bug in Microsoft Windows Server Update Services, shortly after ...

Attackers are taking advantage of a vulnerability in Cisco’s Simple Network Management Protocol (SNMP), which allows malicious rootkits to be installed on network hardware. According to findings from ...

In light of new memory safety features added to Apple’s latest iPhone chips that make entire classes of exploits harder to pull off, the company has revamped its bug bounty program to double or ...

A command injection vulnerability was found in the figma-developer-mcp Model Context Protocol (MCP) server. The flaw could allow attackers to run arbitrary system commands and achieve remote code ...