More than eight years after it first came to light, an unauthenticated Java deserialization vulnerability lurking in the Google Web Toolkit open source application...

Concerns are high over a critical, recently disclosed remote code execution (RCE) vulnerability in Apache Struts 2 that attackers have been actively exploiting over...

APT29, the notorious Russian advanced persistent threat behind the 2020 SolarWinds hack, is actively exploiting a critical security vulnerability in JetBrains TeamCity that could...

On Dec. 11, Apple released patches for dozens of vulnerabilities affecting iPhones, Macs, Apple TVs, Apple Watches, and its Safari browser.The long list includes...

It's time to patch again: Four critical security vulnerabilities in Atlassian software open the door to remote code execution (RCE) and subsequent lateral movement...

Organizations using Ray, the open source framework for scaling artificial intelligence and machine learning workloads, are exposed to attacks via a trio of as...

The attackers behind the Kinsing malware are the latest to exploit the Apache ActiveMQ critical remote code execution (RCE) vulnerability, targeting the flaw to...

A fresh proof-of-concept (PoC) exploit for a critical security vulnerability in Apache ActiveMQ is making it easier than ever to achieve remote code execution...

Researchers have developed an exploit for AMD CPUs that allows attackers to undermine memory protections, and thereby escalate privileges or perform remote code execution...

Microsoft released fixes for a total of 63 bugs in its November 2023 update, including three that threat actors are actively exploiting already and...

VMware urged customers to update VMware vCenter Servers against a critical flaw that could potentially lead to remote code execution (RCE) and assigned a...

Eight newly discovered vulnerabilities in the SolarWinds Access Rights Manager Tool (ARM) — including three deemed to be of critical severity — could open...