Critical CVE-2026-2329 flaw in Grandstream GXP1600 VoIP phones enables unauthenticated RCE, call interception, and credential ...

Three of the four vulnerabilities remained unpatched months after OX Security reported them to the maintainers.

CERT-In has issued a high-severity alert for Google Chrome desktop users, warning of a vulnerability that could allow remote ...

Google has released an emergency update to patch an actively exploited zero-day—the first Chrome zero-day of the year.

Active exploitation of BeyondTrust enables unauthenticated RCE as CISA adds Apple, Microsoft, SolarWinds, and Notepad++ flaws to KEV list.

Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local ...

Even the company’s Notepad app, which once allowed users to jot down notes in plain text, has turned into a bloated, ...

CERT-In warns of a high-risk Chrome vulnerability on Windows, macOS and Linux. Update Chrome now to prevent system compromise ...

The vulnerability of the “connective tissue” of the AI ecosystem — the Model Context Protocol and other tools that let AI agents communicate — “has created a vast and often unmonitored attack surface” ...

Leaning Technologies today launches BrowserPod for Node .js, the first engine of BrowserPod, a universal execution layer for browser-based compute. BrowserPod provides a sandboxed runtime API that ...

CERT-In has issued a critical security advisory for Google Chrome users, highlighting a "High" severity vulnerability, CVE-2026-2441. This flaw allows remote attackers to execute malicious code simply ...

A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more.