F5 has reclassified a BIG-IP APM denial-of-service (DoS) vulnerability as a critical-severity remote code execution (RCE) flaw, warning that attackers are exploiting it to deploy webshells on ...

Threat actors are exploiting CVE-2025-53521, a critical F5 BIG-IP vulnerability that has been reclassified as a remote code execution issue.

A critical SQL injection flaw in FortiClient EMS allows remote code execution and data exfiltration, leaving thousands of ...

CISA warned today that a critical Ivanti vulnerability that can let threat actors gain remote code execution on vulnerable Endpoint Manager (EPM) appliances is now actively exploited in attacks.

Attackers rapidly exploited a critical Oracle WebLogic RCE flaw the same day exploit code was released, according to a ...

Veeam fixes 7 Backup & Replication flaws, including CVSS 9.9 RCE bugs, warning attackers may exploit unpatched systems.

Microsoft SharePoint, a core platform for enterprise collaboration, is facing active exploitation through a newly confirmed ...

A newly disclosed vulnerability tracked as CVE-2026-32746 has put a spotlight back on a service most security teams would rather ...

Patch SharePoint Now: Microsoft Servers at Risk of New ToolShell RCE Attack Your email has been sent How the ToolShell RCE attack works How to protect your SharePoint server from compromise What to do ...

Windows Server 2025 is currently open to a Remote Code Execution exploit via the Windows Update Service, and at the time of this writing a fix from Microsoft has yet to fully patch the issue. Reports ...

The DarkSword iOS exploit chain was used by the Russian APT behind the Coruna exploit in attacks targeting Ukraine.