Attackers are already exploiting one of the 57 vulnerabilities for which Microsoft issued a patch this week, and proof-of-concept (PoC) exploits are publicly available for two other vulnerabilities.

Google Threat Intelligence Group discovered a full iOS zero-day exploit chain deployed in the wild against targets in Egypt, revealing how sanctioned commercial surveillance vendor Intellexa continues ...

D-Link is warning of three remotely exploitable command execution vulnerabilities that affect all models and hardware revisions of its DIR-878 router, which has reached end-of-service but is still ...

Update: The NHS England Digital, in an updated advisory on November 20, 2025, said it has not observed in-the-wild exploitation of CVE-2025-11001, but noted that it's "aware of a public ...

Reports showed four security companies conducted 11 audits of Balancer’s smart contracts starting in 2021, but a bad actor was still able to drain millions in staked Ether. Update (Nov. 10 at 2:55 pm ...

Update Nov. 3, 10:42 am UTC: This article has been updated to include a section on Berachain’s emergency hard fork. Update Nov. 3, 9:47 am UTC: This article has been updated to add the latest figures, ...

Windows Server 2025 is currently open to a Remote Code Execution exploit via the Windows Update Service, and at the time of this writing a fix from Microsoft has yet to fully patch the issue. Reports ...

Anthropic recently launched Claude Code for the web and as an iOS preview, making it easier for developers to use the AI coding assistant without the need for a terminal or command line. Users can ...

In light of new memory safety features added to Apple’s latest iPhone chips that make entire classes of exploits harder to pull off, the company has revamped its bug bounty program to double or ...

A command injection vulnerability was found in the figma-developer-mcp Model Context Protocol (MCP) server. The flaw could allow attackers to run arbitrary system commands and achieve remote code ...

SolarWinds is urging users of its Web Help Desk helpdesk ticketing and asset management software to ensure their instances are up-to-date after patching a newly uncovered remote code execution (RCE) ...