Over 750,000 websites require patching following discovery of DotNetNuke XSS vulnerability ...

Wiz researchers are set for a tidy payday thanks to their discovery of a high-severity flaw in GitHub's git infrastructure ...

Hackers rushed to target a critical LiteLLM SQL injection flaw to steal keys, credentials, and environment-variable ...

Progress has released patches for multiple remote code execution and OS command injection flaws in MOVEit WAF and LoadMaster.

FortiGuard Labs has identified a Mirai-based Nexcorium campaign actively exploiting CVE-2024-3721 in TBK DVR devices ...

Compare the best DAST tools in 2026. Our buyer's guide covers 10 dynamic application security testing solutions, key features ...

A newly disclosed security flaw in Axios, one of the most widely used HTTP client libraries in the JavaScript ecosystem, has raised concern across software and cloud security teams after official ...

Abstract: The Internet of Things (IoT) devices have brought invaluable convenience to our daily lives. However, they also introduce significant security challenges. Common vulnerabilities in numerous ...

A new gene therapy is giving people born deaf the chance to hear, often within just weeks. In a small but groundbreaking study, researchers delivered a working copy of a key hearing gene directly into ...

PathBreaker is a Burp Suite extension built for penetration testers who need to efficiently discover hidden endpoints and test HTTP header injection vulnerabilities. It combines a powerful fuzzing ...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a recently disclosed vulnerability in FileZen to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of ...

A new report out today from cybersecurity company Miggo Security Ltd. details a now-mitigated vulnerability in Google LLC’s artificial intelligence ecosystem that allowed for a natural-language prompt ...