CISA adds Hikvision flaw CVE-2017-7921 and Rockwell Automation CVE-2021-22681 to KEV, urging agencies to patch by March 26, 2026.

OpenAI unveiled Codex Security on Friday, an advanced application security tool that detects complex software vulnerabilities ...

A critical-severity FreeScout vulnerability can be exploited for remote code execution without authentication or user interaction.

A weakness in the configuration of OAuth credentials opens up a stored XSS vulnerability in the n8n automation platform, ...

Networking giant Cisco has released 25 joint security advisories covering security patches for 48 vulnerabilities in across its Secure Firewall Adaptive Security Appliance (ASA), Secure Firewall ...

A new exploit found in the enterprise software MOVEit Transfer can have serious consequences for large swaths of the web. Credit: GETTY Images Another day, another newly discovered exploit. But this ...

A critical-severity security flaw was found in Commvault Command Center It allows threat actors to run arbitrary code remotely and without authentication Vulnerability could lead to complete ...

HPE warns of a critical vulnerability in the HPE AutoPass License Server (APLS). Authentication can be bypassed.

JetBrains urged customers today to patch their TeamCity On-Premises servers against a critical authentication bypass vulnerability that can let attackers take over vulnerable instances with admin ...

Today, Ivanti warned customers about a new maximum-severity authentication bypass vulnerability in its Cloud Services Appliance (CSA) solution. The security flaw (tracked as CVE-2024-11639 and ...

NinjaLab, a security research company, has discovered a vulnerability that would allow bad actors to clone YubiKeys. As the company has explained in a security advisory, NinjaLab found a vulnerability ...