GIGAZINE

Exploit ``BLASTPASS'', which allows arbitrary code to be executed simply by receiving a ...

The Citizen Lab, a security laboratory at the University of Toronto, has revealed the existence of a zero-click, zero-day iPhone exploit chain called BLASTPASS. It is also said to have been used to ...

This SmarterMail vulnerability allows remote code execution - here's what we know

Business-grade email server software SmarterMail just patched a maximum-severity vulnerability that allowed threat actors to ...
GIGAZINE

Possible remote code execution exploit in Apex Legends, professional players targeted ...

Electronic Arts (EA), which operates the battle royale FPS 'Apex Legends,' has announced that it will postpone the North American finals of the official tournament 'Apex Legends Global Series (ALGS).' ...
HotHardware

Microsoft Windows Server Update Service Is Under Attack, What You Need To Know

Windows Server 2025 is currently open to a Remote Code Execution exploit via the Windows Update Service, and at the time of this writing a fix from Microsoft has yet to fully patch the issue. Reports ...
CSOonline

Researchers uncover RCE attack chains in popular enterprise credential vaults

Researchers have found 14 logic flaws in various components of HashiCorp Vault and CyberArk Conjur, two open-source credential management systems, allowing attacks that could bypass authentication ...

Cyata flags agentic AI supply-chain risk in Cursor remote code execution bug

A new report out today from artificial intelligence security startup Cyata Security Ltd. details a critical remote code ...
ZATAZ

7-Zip vulnerabilities: directory escape and remote execution

Two flaws in 7-Zip allow working-directory escape through symlinks inside malicious ZIPs. Update immediately or disable automatic extraction to mitigate risk. Two vulnerabilities, CVE-2025-11001 and ...