CISA adds an actively exploited SolarWinds Web Help Desk RCE flaw to KEV, ordering federal agencies to patch by February 2026 ...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies to patch their systems against a five-year-old GitLab vulnerability that is actively being exploited in ...

About 175,000 private servers are reportedly exposed to the public internet, giving hackers the opportunity to carry out ...

DryRun Security, the industry’s first AI-native, code security intelligence company, today announced the DeepScan Agent, a new AI-powered capability that delivers full-repository application security ...

Massive 31.4 Tbps DDoS attack breaks records: How the 'apex' of botnets could be weaponizing your home devices ...

Open VSX supply chain attack hijacked VS Code extensions delivered GlassWorm malware stealing macOS, crypto, and developer ...

Two vulnerabilities in n8n’s sandbox mechanism could be exploited for remote code execution (RCE) on the host system.

How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to distribute credential‑stealing payloads.

Researchers found that the U.S. electric power sector has significant misalignment between compliance with regulations and actual security.

Two vulnerabilities in the n8n workflow automation platform could allow attackers to fully compromise affected instances, access sensitive data, and execute arbitrary code on the underlying host.

The WinRAR vulnerability tracked as CVE-2025-8088 was discovered and patched in July 2025, but the popular file archiver continues to suffer from its fallout. According to ...