The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning that ransomware actors are exploiting CVE-2026-24423, a critical vulnerability in SmarterMail that allows remote code ...

A critical vulnerability in SolarWinds’ Web Help Desk service has been added to the US Cybersecurity and Infrastructure Security Agency’s (Cisa) Known Exploited Vulnerabilities (Kev) catalogue as ...

A critical pre-authentication remote code execution vulnerability in BeyondTrust Remote Support and Privileged Remote Access appliances is now being exploited in attacks after a PoC was published ...

BeyondTrust warns of critical RCE flaw CVE-2026-1731 in RS and PRA Vulnerability allows unauthenticated OS command execution, risking compromise and data exfiltration Patch released February 2, 2026; ...

Researchers have identified two five-alarm security issues in a popular Google data service, either of which could allow attackers access to sensitive secrets useful for rampant lateral movement.

A set of attack vectors in GitHub Codespaces have been uncovered that enable remote code execution (RCE) by opening a malicious repository or pull request. The findings by Orca Security, show how ...

Researchers at Huntress Security have published data on the exploitation of a critical SolarWinds Web Help Desk (WHD) vulnerability, revealing how in at least three known incidents, attackers ...

Enterprises are urged to patch self-hosted versions of both Remote Support and Privileged Remote Access due to a 9.9-severity vulnerability that could lead to system compromise. Companies using ...

A single Google Calendar event can silently compromise a system running Claude Desktop Extensions, according to security researchers at browser security provider LayerX. In a new report published on ...

Security issues continue to pervade the OpenClaw ecosystem, formerly known as ClawdBot then Moltbot, as multiple projects patch bot takeover and remote code execution (RCE) exploits.… The initial hype ...