Eleven zero-day vulnerabilities in WindRiver’s VxWorks, a real-time operating system in use across an advertised 2 billion connected devices have been discovered by network security vendor Armis. Six ...

The bug exposes the Metro development server to remote attacks, allowing arbitrary OS command execution on developer systems ...

Researchers have chained two medium severity vulnerabilities to execute "world ending" remote code execution, and a real-world exploit has been found. Hackers have begun exploiting recently patched ...

Pwn2Own, organized by the Zero Day Initiative, is a contest for white-hat cybersecurity professionals and teams to compete in the discovery of bugs in popular software and services. The latest ...

Under certain conditions, attackers can chain a set of vulnerabilities in multiple components of the CUPS open-source printing system to execute arbitrary code remotely on vulnerable machines. Tracked ...

A critical-severity buffer-overflow flaw that affects IBM Integration Designer could allow remote attackers to execute code. IBM has patched a critical buffer ...

A vulnerability chain discovered in Zoom's chat functionality can be exploited to allow zero-click remote code execution (RCE), threat hunters have revealed. Google's Project Zero uncovered an attack ...

Microsoft released its batch of monthly security updates this month covering 73 vulnerabilities, including two zero-day flaws exploited in the wild. While organizations should prioritize all critical ...

Sophos has patched a remote code execution (RCE) vulnerability in the Firewall product line. Sophos Firewall is an enterprise cybersecurity solution that can adapt to different networks and ...

The internet behemoth rolled out the Chrome 90 stable channel release to address this and eight other security vulnerabilities. Google’s Chrome browser has several security vulnerabilities that could ...