Coverage
Vulnerabilities
748 articles on vulnerability disclosures and exploits
CVE-2026-5281: Google Dawn RCE via Use-After-Free — Mitigation Guide
CISA adds CVE-2026-5281 to the Known Exploited Vulnerabilities Catalog following evidence of active exploitation in Google Dawn's WebGPU implementation.
CVE-2023-46747: 14,000 F5 BIG-IP APM Instances Exposed to RCE
Over 14,000 F5 BIG-IP APM instances remain vulnerable to critical RCE flaws. Learn about CVE-2023-46747 exploitation risks and how to secure your perimeter.

iOS 18.7.7 Update Expanded to Mitigate DarkSword Exploit Kit Risks
Apple expands iOS 18.7.7 and iPadOS 18.7.7 availability to additional devices to mitigate risks from the recently disclosed DarkSword exploit kit.
Apple iOS 18 Security Updates: Mitigating DarkSword Exploit Chain
Apple expands iOS 18 security patches to protect more iPhone models against the DarkSword exploit kit targeting WebKit and JavaScriptCore vulnerabilities.
Google Chrome Zero-Day Patch: Fourth In-the-Wild Exploit
Google has released an urgent security update for Chrome, patching the fourth zero-day vulnerability actively exploited in 2024. Update now to protect against
PX4 Autopilot v1.16.0 RCE via CVE-2026-1579: Mitigation Guide
Unauthenticated attackers can execute shell commands on PX4 Autopilot v1.16.0 via MAVLink. Learn how to enable message signing to secure autonomous systems.
CVE-2026-3356: Anritsu Remote Spectrum Monitor Authentication Bypass
Critical CVE-2026-3356 allows authentication bypass in Anritsu Remote Spectrum Monitors. Attackers can alter settings, obtain sensitive data, and disrupt device

CVE-2026-3502: TrueConf Zero-Day Exploited in Asia Gov Attacks
TrueConf video conferencing zero-day [CVE-2026-3502] exploited to distribute tampered updates to Southeast Asian government networks in 'TrueChaos' campaign.
Vulnerability Management for Mid-Market: Prioritizing Remediation Speed
Mid-market organizations must shift vulnerability management focus from vulnerability count to remediation speed, integrating attack surface management for comprehensive
Censys Secures $70 Million to Advance Internet Intelligence Platform
Censys raises $70 million in funding, bolstering its internet intelligence platform for enhanced attack surface management and global asset discovery.
Fortinet FortiClient EMS Critical SQLi Flaw Under Active Exploitation
Critical SQL injection in FortiClient EMS allows unauthenticated remote code execution. Active exploitation detected, immediate patching required.
Uranium Finance Exploit: Hacker Charged for $53 Million Breach
US prosecutors charge a Maryland man for stealing $53 million from Uranium Finance by exploiting smart contracts and laundering via Tornado Cash.