A critical security vulnerability in the popular JavaScript library expr-eval allows remote code execution. The bug, with a ...

Researchers have chained two medium severity vulnerabilities to execute "world ending" remote code execution, and a real-world exploit has been found. Hackers have begun exploiting recently patched ...

The bug exposes the Metro development server to remote attacks, allowing arbitrary OS command execution on developer systems ...

Pwn2Own, organized by the Zero Day Initiative, is a contest for white-hat cybersecurity professionals and teams to compete in the discovery of bugs in popular software and services. The latest ...

Researchers found four vulnerabilities in vRealize Log Insight that were relatively non-threatening on their own but lead to significant compromise when used together. VMware published patches last ...

Sophos has patched a remote code execution (RCE) vulnerability in the Firewall product line. Sophos Firewall is an enterprise cybersecurity solution that can adapt to different networks and ...

Eleven zero-day vulnerabilities in WindRiver’s VxWorks, a real-time operating system in use across an advertised 2 billion connected devices have been discovered by network security vendor Armis. Six ...

The internet behemoth rolled out the Chrome 90 stable channel release to address this and eight other security vulnerabilities. Google’s Chrome browser has several security vulnerabilities that could ...

A new vulnerability has been discovered in Microsoft’s Azure Service Fabric Explorer (SFX) that would enable unauthenticated, remote threat actors to execute code on a container hosted on a Service ...

In brief: Last week, a researcher discovered a vulnerability in older trial versions of the WinRAR file compression software. It allows for remote code execution ...