A design flaw – or expected behavior based on a bad design choice, depending on who is telling the story – baked into ...

The 9.1-CVSS vulnerability enables attackers to circumvent RCE protections in the de facto template engine for the Java ...

Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who ...

The Microsoft Defender Security Research Team uncovered a sophisticated macOS intrusion campaign attributed to the North ...

Security vulnerabilities in Gimp allow code injection with manipulated files like GIFs. There is no update yet.

ShowDoc CVE-2025-0520 exploited due to unpatched versions before 2.8.7, enabling remote code execution on 2,000+ instances.

An attacker has been using maliciously crafted PDF files to exploit a zero-day in Adobe Acrobat and Reader for at least four ...

The footnote is on page 7 of a 60-page alignment risk report, wedged between paragraphs about sandbox configuration and ...

A vulnerability-discovery tool built by Anthropic has identified a serious flaw in FreeBSD’s Network File System, a component ...

Adobe released emergency patches for CVE-2026-34621, a critical Acrobat and Reader zero-day that has been exploited in the wild.

Adobe Acrobat and Reader users are under attack from hackers using a zero-day vulnerability. Update within 72 hours, Adobe ...

Rowhammer attacks have been around since 2014, and mitigations are in place in most modern systems, but the team at gddr6.fail has found ways to apply the attack to current-generation GPUs.