Progress has released patches for multiple remote code execution and OS command injection flaws in MOVEit WAF and LoadMaster.

Cybersecurity researchers have discovered a critical "by design" weakness in the Model Context Protocol's (MCP) architecture ...

A new Mirai-based malware campaign is actively exploiting CVE-2025-29635, a high-severity command-injection vulnerability ...

Wiz discovered a critical remote code execution vulnerability in GitHub that exposed millions of repositories.

A prompt injection flaw in Google’s Antigravity IDE turns a file search tool into a remote code execution vector, bypassing ...

Hackers are exploiting two authentication bypass vulnerabilities in the Qinglong open-source task scheduling tool to deploy ...

FortiGuard Labs has identified a Mirai-based Nexcorium campaign actively exploiting CVE-2024-3721 in TBK DVR devices ...

A design choice in the MCP SDKs allows remote code execution across the AI supply chain.

AI models have reached a level of coding capability that rivals or exceeds that of most human experts at finding and exploiting software vulnerabilities, Anthropic said. Anthropic is limiting access ...

A critical security weakness in Atlassian Bamboo Data Center and Server has exposed a fresh risk for organisations that rely on automated software build and deployment systems, after Atlassian ...

VectorCertain LLC today announced new validation results demonstrating that its SecureAgent platform successfully detected ...