A newly disclosed FFmpeg flaw dubbed 'PixelSmash' could be exploited for remote code execution on Jellyfin servers under ...
Microsoft details AutoJack exploit chain targeting AutoGen Studio MCP WebSocket in pre-release builds, enabling ...
F5 fixes CVE-2026-42530 and CVE-2026-42055 in NGINX Open Source, addressing HTTP/3 and HTTP/2 flaws that could allow remote ...
An unauthenticated user can execute the attack, and there’s no mitigation, just a hotfix that should be applied immediately. A maximum severity remote code execution vulnerability in Hewlett Packard ...
Microsoft disrupted StegoAd, a malicious browser extension campaign affecting up to 2.6 million users. StegoAd used hidden payloads, delayed execution and steganography to evade browser security ...
A maximum severity vulnerability in the FreeScout helpdesk platform allows hackers to achieve remote code execution without any user interaction or authentication. The flaw is tracked as ...
Oracle warns of a PeopleSoft security bug abused by hackers to target 100+ companies, with universities hit hardest in 2026.
Threat actors behind the campaign are abusing Microsoft Visual Studio Code’s trusted workflows to execute and persist malicious code. Threat actors behind the long-running Contagious Interview ...