Critical CVE-2026-2329 flaw in Grandstream GXP1600 VoIP phones enables unauthenticated RCE, call interception, and credential ...

A critical pre-authentication remote code execution vulnerability in BeyondTrust Remote Support and Privileged Remote Access ...

Underground Telegram channels shared SmarterMail exploit PoCs and stolen admin credentials within days of disclosure. Flare explains how monitoring these communities reveals rapid weaponization of CVE ...

Threat actors now have the ability to exploit a new zero-day vulnerability in the Chrome browser, Google has advised IT ...

Threat actors began targeting a recently patched BeyondTrust vulnerability shortly after a proof-of-concept (PoC) exploit was released.

CERT-In warns of a high-risk Chrome vulnerability on Windows, macOS and Linux. Update Chrome now to prevent system compromise ...

It's time to phase out the "patch and pray" approach, eliminate needless public interfaces, and enforce authentication ...

Active exploitation of BeyondTrust enables unauthenticated RCE as CISA adds Apple, Microsoft, SolarWinds, and Notepad++ flaws to KEV list.

CVE-2026-2329 allows unauthenticated root-level access to SMB phones, so attackers can intercept calls, commit toll fraud, and impersonate users.

Google released a Chrome security update fixing two high-severity flaws that could enable code execution or crashes via malicious websites.

The vulnerability comes from the way Notepad handles Markdown hyperlinks. Attackers craft malicious .md files with embedded ...

Smug faces across all those who opposed the WordPad-ification of Microsoft's humble text editor Just months after Microsoft ...