Vulnerabilities
748 articles on vulnerability disclosures and exploits
CVE-2023-50387: Critical BIND DNSSEC Vulnerabilities — Patch Now
ISC releases critical BIND security updates for CVE-2023-50387 and CVE-2023-50868, addressing high-severity resource exhaustion and KeyTrap DNSSEC vulnerabilities.

Claude Chrome Extension Zero-Click Prompt Injection Vulnerability
A critical flaw in Anthropic's Claude Chrome extension allowed websites to silently inject malicious prompts using zero-click XSS techniques.

Coruna iOS Kit Reuses Operation Triangulation Kernel Exploit Code
Kaspersky researchers reveal that the Coruna iOS exploit kit reuses sophisticated kernel exploit code from the 2023 Operation Triangulation campaign.

CVE-2024-38077: RCE in Windows Remote Desktop Licensing — Patch Now
Technical analysis of CVE-2024-38077, a critical heap overflow vulnerability in Windows Remote Desktop Licensing Service allowing unauthenticated RCE.

Apple Addresses 85 Vulnerabilities in Recent OS Updates
Apple released significant security updates patching 85 vulnerabilities across macOS, iOS, iPadOS, tvOS, watchOS, and visionOS, with no active exploitation reported.

CVE-2024-34102: PolyShell Exploits Target 56% of Magento Stores
Attackers are aggressively exploiting the CosmicSting vulnerability (CVE-2024-34102) in Magento and Adobe Commerce stores using PolyShell polyglot web shells.

GitHub Copilot Autofix: AI-Driven Vulnerability Remediation in GHAS
GitHub integrates AI-powered scanning into Advanced Security to detect and remediate vulnerabilities across more languages using Copilot Autofix.

CVE-2026-33017: Langflow Code Injection - Patch Immediately
CISA adds actively exploited Langflow Code Injection Vulnerability (CVE-2026-33017) to KEV catalog. Critical patch urged for all organizations.

Onit Security Raises $11M for Continuous Exposure Management
Israeli startup Onit Security secures $11 million in seed funding to scale its platform for identifying and prioritizing exploitable enterprise exposures.

Citrix NetScaler Info Disclosure: CVE-2024-8069 Patch Guide
Citrix urges immediate patching of two NetScaler ADC and Gateway vulnerabilities, including a flaw similar to the high-impact CitrixBleed exploit.

Archer NX200 and NX510v Auth Bypass: CVE-2024-5035 Patch Guidance
TP-Link patches critical auth bypass CVE-2024-5035 and command injection in Archer NX routers, preventing unauthorized firmware uploads and remote code execution.

PTC Windchill RCE via CVE-2024-38472 — Mitigation and Patch Guide
PTC warns of imminent RCE threats against Windchill and FlexPLM systems. Learn how to secure your PLM environment and apply critical security updates now.