A zero-click flaw in Anthropic’s Claude Desktop Extensions allows attackers to trigger remote code execution via Google ...

OpenSSL updates released on Tuesday patch a dozen vulnerabilities, including a high-severity remote code execution flaw.

BeyondTrust has patched a critical RS and PRA vulnerability leading to unauthenticated remote code execution (RCE) via ...

BeyondTrust fixes CVSS 9.9 pre-auth RCE flaw (CVE-2026-1731) in Remote Support and PRA; 11,000 instances exposed.

BeyondTrust warned customers to patch a critical security flaw in its Remote Support (RS) and Privileged Remote Access (PRA) ...

'Claude DXT's container falls noticeably short of what is expected from a sandbox' LayerX, a security company based in Tel Aviv, says it has identified a zero-click remote code execution vulnerability ...

Microsoft has released its August 2025 Patch package, a cumulative set of updates addressing more than 100 vulnerabilities across a host of its products. Microsoft’s SharePoint Server Remote Code ...

SmarterMail patched CVE-2025-52691, a maximum-severity RCE flaw allowing unauthenticated arbitrary file uploads Exploitation could let attackers deploy web shells or malware, steal data, and pivot ...

A severe security flaw, CVE-2024-3078, has been discovered in the Windows Wi-Fi driver. This vulnerability allows remote code execution at the kernel level without needing user interaction or ...

Also today, SAP released 27 new and updated security notes, including two that address critical-severity vulnerabilities.

It's not been a good week for PDFs and security. In the span of seven days, Adobe and Foxit, a rival PDF provider, released dozens and dozens of security patches for their respective software. Several ...