A critical, unauthenticated remote code execution vulnerability known as React2Shell has been added to the Cybersecurity and Infrastructure Security Agency’s Known Exploited Vulnerabilities Catalog.

A critical vulnerability was recently discovered in Imunify360 AV, a security scanner used by web hosting companies to protect over 56 million websites. An advisory by cybersecurity company Patchstack ...

A new malware-as-a-service (MaaS) platform named Atroposia provides cybercriminals a remote access trojan that combines capabilities for persistent access, evasion, data theft, and local vulnerability ...

Earlier this week, Microsoft rolled out an emergency update for Windows 11 (KB5070773) to fix a USB input bug in Windows Recovery. Now, the company is back with another emergency OOB update, which ...

An advisory was issued for the Ocean Extra WordPress plugin that is susceptible to stored cross-site scripting, which enables attackers to upload malicious scripts that execute on the site when a user ...

Update August 22, 03:57 EDT: This Plex Media Server vulnerability is now tracked as CVE-2025-34158, and it has been rated as maximum severity by VulnCheck. Plex has notified some of its users on ...

Oracle announced it evaluated MCP and has integrated it into its core developer tools, making the Oracle Database immediately available on any platform supporting MCP. This integration is made ...

NVIDIA has patched a trio of vulnerabilities in its Triton Inference Server that, when chained together, give unauthenticated remote attackers a way to take full control of the server and run ...

Hackers have been exploiting a critical-severity vulnerability in the Wing FTP Server file transfer solution to execute arbitrary code remotely, after technical information on the flaw was published ...

Hertz and other agencies are increasingly relying on scanners that use high-res imaging and A.I. to flag even tiny blemishes, and customers aren’t happy. By Gabe Castro-Root The next time you rent a ...