Microsoft Threat Intelligence observed limited activity by an unattributed threat actor using a publicly available, static ...

The insecure deserialization and authorization bypass flaws could enable attackers to escalate privileges and run arbitrary commands.

"A vulnerability within the Veeam Updater component that allows an attacker to utilize a Man-in-the-Middle attack to execute ...

CISA has added CVE-2024-29059, a flaw affecting Microsoft .NET, to its Known Exploited Vulnerabilities catalog.

Android security updates patch 48 vulnerabilities, including a zero-day kernel vulnerability that has been exploited in the ...

This glossary includes the most common terms and expressions TechCrunch uses in our security reporting, and explanations of ...

Three vulnerabilities discovered in the open-source PHP package Voyager for managing Laravel applications could be used for ...

CVE-2025-22604 in Cacti (CVSS 9.1) enables authenticated attackers to execute remote code. Upgrade to version 1.2.29 to ...

Apple has rolled out iOS 18.3, which addresses 29 vulnerabilities including an issue with the core media framework already ...

Apple-designed chips powering Macs, iPhones, and iPads contain two newly discovered vulnerabilities that leak credit card ...

Apple has released fixes for dozens of vulnerabilities in its mobile and desktop products, including an iOS zero-day ...

Apple's iOS 18.3 and iPadOS 18.3 updates contain key security improvements and patch actively exploited vulnerabilities. Here ...