Mail2Shell zero-click attack lets hackers hijack FreeScout mail servers

A maximum severity vulnerability in the FreeScout helpdesk platform allows hackers to achieve remote code execution without ...

Claude collaboration tools left the door wide open to remote code execution

Anthropic fixed the flaws – but the AI-enabled attack surfaces remain Security vulnerabilities in Claude Code could have ...

Anthropic Claude Code's security flaws expose devices to silent hacking, triggered from remote code execution; claims report

Security experts have identified three critical vulnerabilities in Anthropic's Claude Code, potentially allowing remote code ...
Infosecurity Magazine

Zero-Click FreeScout Bug Enables Remote Code Execution

Ox Security warns that Mail2Shell could enable threat actors to hijack FreeScout systems without user interaction ...
SecurityWeek

Critical FreeScout Vulnerability Leads to Full Server Compromise

A critical-severity FreeScout vulnerability can be exploited for remote code execution without authentication or user ...

Google says 90 zero-days were exploited in attacks last year

Google Threat Intelligence Group (GTIG) tracked 90 zero-day vulnerabilities actively exploited throughout 2025, almost half ...
Dark Reading

Malicious Next.js Repos Target Developers Via Fake Job Interviews

Linked to North Korean fake job-recruitment campaigns, the poisoned repositories are aimed at establishing persistent C2 ...
SecurityWeek

VMware Aria Operations Vulnerability Exploited in the Wild

CVE-2026-22719, a recently patched vulnerability in VMware Aria Operations, has been exploited in the wild, CISA warned.

Check Point researchers flag critical flaws in Anthropic’s Claude Code

Cybersecurity solutions company Check Point has found critical flaws in Anthropic’s Claude Code. They cautioned that ...
DataBreachToday

AI Security Risks in AI-Assisted Development

AI-assisted development accelerates software delivery but expands the threat surface. From prompt injection and malicious MCP ...

Microsoft plugs remote code vulnerability in Notepad app on Windows 11

Microsoft fixes a critical Notepad vulnerability in Windows 11 that could allow remote code execution via malicious Markdown ...
CSOonline

Flaws in four popular VS Code extensions left 128 million installs open to attack

Critical and high-severity vulnerabilities were found in four widely used Visual Studio Code extensions with a combined 128 million downloads, exposing developers to file theft, remote code execution, ...