The SharePoint remote code execution vulnerability CVE-2026-20963, which Microsoft patched in January, has been exploited in ...

Langflow CVE-2026-33017 exploited in 20 hours after disclosure, enabling RCE via exec(), exposing systems before patching cycles.

A method that could enable code execution through manipulated installation links in an AI development environment has been identified by security researchers. The technique, dubbed CursorJack by ...

PandasAI, an open source project by SinaptikAI, has been found vulnerable to Prompt Injection attacks. An attacker with access to the chat prompt can craft malicious input that is interpreted as code, ...

A critical Microsoft SharePoint vulnerability patched in January is now being exploited in attacks, the Cybersecurity and ...

Apple urges users to update after patching CVE-2026-20700, a zero-day flaw exploited in sophisticated targeted attacks across multiple devices. Google released a Chrome security update fixing two high ...

AI frameworks, including Meta’s Llama, are prone to automatic Python deserialization by pickle that could lead to remote code execution. Meta’s large language model (LLM) framework, Llama, suffers a ...

As expected, cyberattackers have pounced on a critical remote code execution (RCE) vulnerability in the Fortinet Enterprise Management Server (EMS) that was patched last week, allowing them to execute ...

The Interlock ransomware gang has been exploiting a maximum severity remote code execution (RCE) vulnerability in Cisco's Secure Firewall Management Center (FMC) software in zero-day attacks since ...

Researchers have found 14 logic flaws in various components of HashiCorp Vault and CyberArk Conjur, two open-source credential management systems, allowing attacks that could bypass authentication ...