Google has accidentally leaked details about an unfixed issue in Chromium that keeps JavaScript running in the background ...

A vulnerability in Apache HTTP Server’s HTTP/2 protocol handling now has working exploit code circulating among security ...

CISA warned today that a critical Ivanti vulnerability that can let threat actors gain remote code execution on vulnerable Endpoint Manager (EPM) appliances is now actively exploited in attacks.

A critical, 18-year-old vulnerability in the NGINX web server has been discovered, which allows unauthenticated attackers to ...

A critical vulnerability discovered by AI spans most of the history of NGINX, which was first made available in 2004. The web ...

A team of security researchers chained two vulnerabilities in LiteLLM, the popular open-source proxy that routes enterprise ...

NGINX Rift CVE-2026-42945 scores 9.2 after 18 years, enabling unauthenticated RCE or DoS via crafted HTTP requests.

Spread the loveOn May 7, 2026, Google rolled out an urgent security update for its widely-used web browser, Chrome. This update, which addresses 30 vulnerabilities, has raised significant alarms ...

Windows Server 2025 is currently open to a Remote Code Execution exploit via the Windows Update Service, and at the time of this writing a fix from Microsoft has yet to fully patch the issue. Reports ...

CVE-2026-0300 exploited after April 9 attempts enables PAN-OS RCE, leading to stealth espionage and lateral movement by April 29.

Microsoft Exchange users are urged to mitigate a zero-day vulnerability that CISA has confirmed is under active exploitation.