A maximum severity vulnerability in the FreeScout helpdesk platform allows hackers to achieve remote code execution without any user interaction or authentication.

Anthropic fixed the flaws – but the AI-enabled attack surfaces remain Security vulnerabilities in Claude Code could have allowed attackers to remotely execute code on users' machines and steal API ...

Ox Security warns that Mail2Shell could enable threat actors to hijack FreeScout systems without user interaction ...

An unauthenticated user can execute the attack, and there’s no mitigation, just a hotfix that should be applied immediately. A maximum severity remote code execution vulnerability in Hewlett Packard ...

Hackers are exploiting yet another vulnerability in one of Ivanti’s widely used enterprise products, the U.S. government’s cybersecurity agency CISA warned in a fresh alert this week. The remote code ...

Windows Server 2025 is currently open to a Remote Code Execution exploit via the Windows Update Service, and at the time of this writing a fix from Microsoft has yet to fully patch the issue. Reports ...

Researchers have found 14 logic flaws in various components of HashiCorp Vault and CyberArk Conjur, two open-source credential management systems, allowing attacks that could bypass authentication ...

Enterprises relying on Gladinet’s file-sharing services are faced with another round of zero-day patching, this time to block attackers from abusing cryptographic keys directly baked into its ...

Today is Microsoft's July 2024 Patch Tuesday, which includes security updates for 142 flaws, including two actively exploited and two publicly disclosed zero-days. This Patch Tuesday fixed five ...

In a nutshell: Microsoft's June 2024 Patch Tuesday Windows 10 and 11 updates fix 51 security flaws, including a Wi-Fi vulnerability that enables remote code execution. Despite its low threat rating, ...

The remote code execution flaw affects Windows-based PHP installations, and was initially disclosed in June 2024. Exploitation of a critical-severity vulnerability affecting Windows-based PHP ...

Hundreds of e-commerce sites, at least one owned by a large multinational company, were backdoored by malware that executes malicious code inside the browsers of visitors, where it can steal payment ...