A critical vulnerability in BeyondTrust Remote Support is facing an increase in threat activity, with hackers deploying ...

The companies extend their long-standing agreement with a three-year renewal for XGuard® runtime integrity software, ...

CVE-2026-2329 allows unauthenticated root-level access to SMB phones, so attackers can intercept calls, commit toll fraud, and impersonate users.

Apple has pushed an urgent software update to its massive global iPhone user base after security researchers identified critical flaws in WebKit, the engine that powers Safari and nearly every browser ...

Critical CVE-2026-2329 flaw in Grandstream GXP1600 VoIP phones enables unauthenticated RCE, call interception, and credential theft.

Underground Telegram channels shared SmarterMail exploit PoCs and stolen admin credentials within days of disclosure. Flare explains how monitoring these communities reveals rapid weaponization of CVE ...

Threat actors now have the ability to exploit a new zero-day vulnerability in the Chrome browser, Google has advised IT ...

Google has released a security update to patch a newly discovered zero-day in Chrome and the company warned an exploit exists ...

A command injection flaw in the Windows Notepad App now gives remote attackers a path to execute code over a network, turning ...

Threat actors began targeting a recently patched BeyondTrust vulnerability shortly after a proof-of-concept (PoC) exploit was released.

Active exploitation of BeyondTrust enables unauthenticated RCE as CISA adds Apple, Microsoft, SolarWinds, and Notepad++ flaws ...

The vulnerability comes from the way Notepad handles Markdown hyperlinks. Attackers craft malicious .md files with embedded ...