Yubico warns of a search path vulnerability in YubiKey Manager, libfido2 and python-fido2. Updates fix the bugs.

A security researcher known as Chaotic Eclipse recently disclosed a vulnerability dubbed "Red Sun" affecting Microsoft ...

CVE-2024-3721 and CVE-2023-33538 exploited in TBK DVRs and EoL TP-Link routers, enabling Mirai variants and DDoS risk.

Microsoft fixes 169 vulnerabilities including exploited SharePoint CVE-2026-32201, prompting CISA remediation by April 28, ...

Security vulnerabilities in Gimp allow code injection with manipulated files like GIFs. There is no update yet.

The 9.1-CVSS vulnerability enables attackers to circumvent RCE protections in the de facto template engine for the Java ...

This month’s threat landscape is ‘defined by immediate, real-world exploitation rather than just theoretical vulnerabilities, ...

Endor Labs, today announced the launch of the agentic code security benchmark, extending the existing SusVibes framework from leading academic researchers to evaluate how securely AI coding agents ...

The CVSS‑9.3 vulnerability allows unauthenticated remote code execution on exposed Marimo servers and was exploited in the wild shortly after disclosure, Sysdig says.

Compare the best DAST tools in 2026. Our buyer's guide covers 10 dynamic application security testing solutions, key features ...

A security researcher has published a working exploit for a Microsoft Defender security flaw that affects Windows 10, 11, and ...

Microsoft is publishing 167 vulnerabilities on Patch Tuesday. Microsoft is aware of exploitation in the wild for one of today ...