A critical vm2 Node.js vulnerability (CVE-2026-22709, CVSS 9.8) allows sandbox escape via Promise handler bypass.
Google confirms nation-state and cybercrime groups exploit a patched WinRAR flaw to gain persistence and deploy malware via ...
CVE-2025-8088, a WinRAR vulnerability patched in July 2025, has been widely exploited by state-sponsored threat actors and cybercriminals.
To exploit the vulnerability, an attacker would need either system access or be able to convince a user to open a malicious ...
ESET researchers discover an Android spyware campaign targeting users in Pakistan via romance scam tactics, revealing links ...
Microsoft rushed an emergency Patch Tuesday fix after a new Office zero-day began spreading in active attacks. CISA warns ...
A Microsoft zero-day vulnerability has been added to the KEV catalogue alongside the SmarterTools SmarterMail authentication ...
A critical sandbox escape vulnerability in Grist-Core has been disclosed that allows remote code execution (RCE) through a ...
Multiple threat actors, both state-sponsored and financially motivated, are exploiting the CVE-2025-8088 high-severity ...
Put rules at the capability boundary: Use policy engines, identity systems, and tool permissions to determine what the agent ...
PeckBirdy command-and-control framework targeting gambling, government sectors in Asia since 2023 has been linked to China-aligned APTs ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results