The Citizen Lab, a security laboratory at the University of Toronto, has revealed the existence of a zero-click, zero-day iPhone exploit chain called BLASTPASS. It is also said to have been used to ...

Security company Binarly has announced an exploit called LogoFAIL that attacks 24 vulnerabilities found in UEFI related to booting devices running Windows or Linux. The 'Logo' in LogoFAIL comes from ...

Apple has pushed an urgent software update to its massive global iPhone user base after security researchers identified critical flaws in WebKit, the engine that powers Safari and nearly every browser ...

A zero-click vulnerability in Claude Desktop Extensions has exposed over 10,000 users to remote code execution through ...

CVE-2026-1357 exposes a critical WordPress WPvivid plugin flaw, allowing unauthenticated RCE, enabling attackers to upload PHP files and fully compromise sites. The post CVE-2026-1357: WordPress ...

Apple releases security updates fixing exploited dyld zero-day CVE-2026-20700 enabling code execution across iOS, macOS, and Apple devices.

A zero-click flaw in Anthropic’s Claude Desktop Extensions allows attackers to trigger remote code execution via Google ...

In brief: Security researchers have uncovered a wide-ranging set of vulnerabilities in Apple's AirPlay protocol that could allow attackers to hijack Apple and third-party devices remotely without user ...

Google released a Chrome security update fixing two high-severity flaws that could enable code execution or crashes via malicious websites.

Attackers are actively targeting a critical flaw in a popular Python-based Web app for building AI agents and workflows to unleash a powerful botnet that can cause full system compromise, distributed ...