CVE-2026-2329 allows unauthenticated root-level access to SMB phones, so attackers can intercept calls, commit toll fraud, and impersonate users.

Critical CVE-2026-2329 flaw in Grandstream GXP1600 VoIP phones enables unauthenticated RCE, call interception, and credential theft.

The cybersecurity of business is not the function of CISA. CISA’s remit is to raise the security of FECB agencies, and KEV is ...

Many times when performing penetration tests, there is no lack of tools for conducting penetration testing, but rather the issue relates to performing penetration testing in a fractured way.

Commercial AI models were able to autonomously generate real-world smart contract exploits worth millions; the costs of such attacks are falling rapidly. Recent research by major artificial ...

Oracle has silently fixed an Oracle E-Business Suite vulnerability (CVE-2025-61884) that was actively exploited to breach servers, with a proof-of-concept exploit publicly leaked by the ShinyHunters ...

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. Twice every year, some of the best hackers on the planet get ...

In today’s digital landscape, cybersecurity is paramount. With cyber threats evolving at an unprecedented rate, organizations must proactively safeguard their systems and data. One of the most ...

TL;DR: The Nintendo Switch 2 has a newly discovered userland ROP exploit allowing custom graphics display, revealing security vulnerabilities. This early hack signals potential risks for homebrew apps ...

Pwn2Own hackers use $150,000 exploit on VMware ESXi. The elite hackers attending Pwn2Own in Berlin have made hacking history by successfully deploying a zero-day exploit against VMware ESXi. Having ...