CVE-2026-2329 allows unauthenticated root-level access to SMB phones, so attackers can intercept calls, commit toll fraud, and impersonate users.

A set of attack vectors in GitHub Codespaces have been uncovered that enable remote code execution (RCE) by opening a malicious repository or pull request. The findings by Orca Security, show how ...

A critical vulnerability in Grandstream GXP1600 series VoIP phones allows a remote, unauthenticated attacker to gain root privileges and silently eavesdrop on communications.

Threat intelligence observations show that a single threat actor is responsible for most of the active exploitation of two ...

BeyondTrust fixes CVSS 9.9 pre-auth RCE flaw (CVE-2026-1731) in Remote Support and PRA; 11,000 instances exposed.

A critical vulnerability in SolarWinds’ Web Help Desk service has been added to the US Cybersecurity and Infrastructure Security Agency’s (Cisa) Known Exploited Vulnerabilities (Kev) catalogue as ...

Attackers could even have used one vulnerable Lookout user to gain access to other Google Cloud tenants' environments.

Developer Canteen Games along with publisher Weekend Games have announced a new horror exploration game called Remote Control, in which you need to find out what has happened to a derelict spaceship ...

After completing a degree in Film, Television, and Cultural Studies at Manchester Metropolitan University, I decided to pursue my love of writing and video games by entering the world of video game ...

For the fastest way to join Tom's Guide Club enter your email below. We'll send you a confirmation and sign you up to our newsletter to keep you updated on all the latest news. By submitting your ...

Amaranth Dragon, linked to APT41, joins groups exploiting WinRAR CVE-2025-8088 Targets include organizations across Southeast Asia, using custom loaders and Cloudflare-masked servers Vulnerability ...