The Citizen Lab, a security laboratory at the University of Toronto, has revealed the existence of a zero-click, zero-day iPhone exploit chain called BLASTPASS. It is also said to have been used to ...

BeyondTrust warned customers to patch a critical security flaw in its Remote Support (RS) and Privileged Remote Access (PRA) software that could allow unauthenticated attackers to execute arbitrary ...

Apple has patched CVE-2026-20700, a dyld code execution vulnerability exploited in an extremely sophisticated attack.

Electronic Arts (EA), which operates the battle royale FPS 'Apex Legends,' has announced that it will postpone the North American finals of the official tournament 'Apex Legends Global Series (ALGS).' ...

A high-severity OpenClaw flaw allows one-click remote code execution via token theft and WebSocket hijacking; patched in ...

PandasAI, an open source project by SinaptikAI, has been found vulnerable to Prompt Injection attacks. An attacker with access to the chat prompt can craft malicious input that is interpreted as code, ...

Google released a Chrome security update fixing two high-severity flaws that could enable code execution or crashes via malicious websites.

The Howyar UEFI Application “Reloader” (32-bit and 64-bit), distributed as part of SysReturn prior to version 10.2.02320240919, is vulnerable to the execution of arbitrary software from a hard-coded ...