Hackers are exploiting a critical vulnerability in Marimo reactive Python notebook to deploy a new variant of NKAbuse malware ...

Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who ...

An attacker has been using maliciously crafted PDF files to exploit a zero-day in Adobe Acrobat and Reader for at least four ...

The CVSS‑9.3 vulnerability allows unauthenticated remote code execution on exposed Marimo servers and was exploited in the wild shortly after disclosure, Sysdig says.

A critical pre-authentication remote code execution (RCE) vulnerability in Marimo is now under active exploitation, leveraged ...

This month's Patch Tuesday includes an actively exploited Office zero-day vulnerability and several critical RCE bugs in ...

Adobe patches a critical PDF flaw exploited for months, allowing attackers to bypass sandbox protections and deliver malware.

Microsoft’s April 2026 Patch Tuesday fixes 165 vulnerabilities, including two zero-days, in one of the company’s largest ...

Microsoft fixes 169 vulnerabilities including exploited SharePoint CVE-2026-32201, prompting CISA remediation by April 28, ...

The 9.1-CVSS vulnerability enables attackers to circumvent RCE protections in the de facto template engine for the Java ...

The cloud-based Webex service has already been patched, but admins must replace an identity provider certificate in Webex ...

Elevation-of-privilege bugs accounted for more than half of the 165 vulnerabilities patched, with two zero-days in that mix.