Thousands of iPhones were compromised using the Coruna exploit kit, which chained 23 iOS vulnerabilities into advanced attacks used for espionage and cybercrime.

Google and iVerify researchers say the case points to a thriving secondary market for high-end zero-day exploits.

Claude Code flaws allow remote code execution and API key theft via untrusted repositories; three bugs fixed across 2025–2026 releases.

The Coruna exploit kit has 23 exploits targeting iOS devices, previously used in Russian attacks and now in cybercrime ...

Google uncovered Coruna iOS exploit kit with 23 exploits across five chains targeting iPhones running iOS 13–17.2.1.

LastPass bills itself as a way to simplify your life by storing all your passwords and account details in one place. However, it's looking a little less convenient now, as the service deals with its ...

Threat actors are actively attempting to exploit a recently fixed Progress WhatsUp Gold remote code execution vulnerability on exposed servers for initial access to corporate networks. The ...

Trend Micro has patched two critical Apex One vulnerabilities that allow attackers to gain remote code execution (RCE) on vulnerable Windows systems.

TL;DR: WinRAR has a critical security vulnerability (CVE-2025-6218) allowing remote code execution via directory traversal in Windows versions. This exploit risks sensitive data and system integrity.

Broadcom has released patches for several vulnerabilities affecting VMware Aria Operations, including high-severity flaws.

Adobe is investigating the report, but has yet to confirm that the exploit bypasses the sandbox protection in Adobe Reader 10 and 11 Researchers from security firm FireEye claim that attackers are ...

"Attacks work when a vulnerable system uses Internet Explorer to visit a website that contains XML code that corrupts memory in a way that can execute malicious code." If you haven't already, this is ...