Fortinet has fixed nine vulnerabilities, including high-severity command execution and authentication bypass flaws.

Background In March 2025, cybersecurity researchers disclosed a highly sophisticated targeted attack campaign named “Operation ForumTroll.” Orchestrated by an unidentified state-sponsored APT group, ...

CVE-2026-1357 exposes a critical WordPress WPvivid plugin flaw, allowing unauthenticated RCE, enabling attackers to upload PHP files and fully compromise sites. The post CVE-2026-1357: WordPress ...

Three of the four vulnerabilities remained unpatched months after OX Security reported them to the maintainers.

The Fruity Cargo Cult Apple has issued fixes after a possibly ancient zero-day began being used in the wild. According to SecurityWeek, the hole is tracked as CVE-2026-20700; it is a memory-corruption ...

A zero-click vulnerability in Claude Desktop Extensions has exposed over 10,000 users to remote code execution through ...

BeyondTrust warned customers to patch a critical security flaw in its Remote Support (RS) and Privileged Remote Access (PRA) software that could allow unauthenticated attackers to execute arbitrary ...

PandasAI, an open source project by SinaptikAI, has been found vulnerable to Prompt Injection attacks. An attacker with access to the chat prompt can craft malicious input that is interpreted as code, ...

It has been reported that a vulnerability ' CVE-2023-40477 ' has been discovered in WinRAR, a file compression/decompression software for Windows, that allows ...

Assist solution, BIOSConnect, which monitors device health and detects problems. Arbitrary code execution is possible at the BIOS / UEFI level when this vulnerability is exploited, and the Common ...