The Hacker News

Grandstream GXP1600 VoIP Phones Exposed to Unauthenticated Remote Code Execution

Critical CVE-2026-2329 flaw in Grandstream GXP1600 VoIP phones enables unauthenticated RCE, call interception, and credential theft.

Critical BeyondTrust RCE flaw now exploited in attacks, patch now

A critical pre-authentication remote code execution vulnerability in BeyondTrust Remote Support and Privileged Remote Access ...
Geeky Gadgets

Windows Wi-Fi Driver Remote Code Execution Vulnerability explained

A severe security flaw, CVE-2024-3078, has been discovered in the Windows Wi-Fi driver. This vulnerability allows remote code execution at the kernel level without needing user interaction or ...
WinBuzzer

10,000+ Claude Desktop Users Exposed by Zero-Click Flaw

A zero-click vulnerability in Claude Desktop Extensions has exposed over 10,000 users to remote code execution through ...
Bleeping Computer

DrayTek warns of remote code execution bug in Vigor routers

Networking hardware maker DrayTek released an advisory to warn about a security vulnerability in several Vigor router models that could allow remote, unauthenticated actors to execute perform ...
WeLiveSecurity

Analysis of two arbitrary code execution vulnerabilities affecting WPS Office

ESET researchers discovered a code execution vulnerability in WPS Office for Windows (CVE⁠-⁠2024⁠-⁠7262), as it was being exploited by APT-C-60, a South Korea-aligned cyberespionage group. Upon ...
SiliconANGLE

Anthropic’s official Git MCP server hit by chained flaws that enable file access and code execution

Anthropic PBC’s official Git Model Context Protocol server has several security vulnerabilities that can lead to arbitrary file access and, in some scenarios, full remote code execution triggered ...