Public exploits are now available for a critical Erlang/OTP SSH vulnerability tracked as CVE-2025-32433, allowing unauthenticated attackers to remotely execute code on impacted devices. Researchers at ...

Unity has fixes ready to go, and Valve has released an updated version of Steam, too.

Proof-of-concept exploits have been released for a critical SQLi vulnerability in Fortinet FortiWeb that can be used to achieve pre-authenticated remote code execution on vulnerable servers. FortiWeb ...

Cisco ASA zero-day attacks used RayInitiator bootkit and LINE VIPER malware to breach end-of-support firewalls.

Crypto exploits slowed down in September based on the total value of stolen funds, but showed more sophistication in exploiting smart contracts.

Researchers have unearthed two publicly available exploits that completely evade protections offered by Secure Boot, the industry-wide mechanism for ensuring devices load only secure operating system ...

Threat actors, likely supported by the Russian government, hacked multiple high-value mail servers around the world by exploiting XSS vulnerabilities, a class of bug that was among the most commonly ...

A new backdoor malware campaign targeting Linux systems and exploiting a critical vulnerability in SAP has been uncovered by cybersecurity researchers. The malware, known as Auto-Color, was deployed ...

Microsoft has patched three critical zero-day SharePoint security flaws that hackers have already exploited to attack more vulnerable organizations. Responding to the exploits, the software giant ...

Cryptocurrency investors lost more than $300 million to scams, hacks and exploits in May, according to blockchain security firm CertiK. The majority of those losses were related to code vulnerability ...