The Hacker News

Claude Code Flaws Allow Remote Code Execution and API Key Exfiltration

Claude Code flaws allow remote code execution and API key theft via untrusted repositories; three bugs fixed across 2025–2026 releases.
Bleeping Computer

Zerodium triples WordPress remote code execution exploit payout

Zerodium has announced today an increased interest in exploits for the WordPress content management system that achieve remote code execution. The exploit acquisition platform is now enticing exploit ...
Security Boulevard

Microsoft’s February Security Update of High-Risk Vulnerability Notice for Multiple Products

Overview On February 11, 2026, NSFOCUS CERT monitored Microsoft’s release of its February security update patches, addressing 59 security issues across widely used products such as Windows, Azure, ...
Searchenginejournal.com

WordPress Elementor Plugin Remote Code Execution Vulnerability

A vulnerability was discovered in Elementor, starting with version 3.6.0, that allows an attacker to upload arbitrary code and stage a full site takeover. The flaw was introduced through a lack of ...
SecurityWeek

VMware Aria Operations Vulnerability Could Allow Remote Code Execution

Broadcom has released patches for several vulnerabilities affecting VMware Aria Operations, including high-severity flaws.
ZDNet

Sophos patches critical remote code execution vulnerability in Firewall

Sophos has patched a remote code execution (RCE) vulnerability in the Firewall product line. Sophos Firewall is an enterprise cybersecurity solution that can adapt to different networks and ...