CVE-2024-3721 and CVE-2023-33538 exploited in TBK DVRs and EoL TP-Link routers, enabling Mirai variants and DDoS risk.

Threat actors can use malicious web content to set up AI Agent Traps and manipulate, deceive, and exploit visiting autonomous ...

Three Defender zero-days exploited since April 10, 2026, enabling privilege escalation and DoS, forcing isolation of affected ...

Hackers are exploiting a critical vulnerability in Marimo reactive Python notebook to deploy a new variant of NKAbuse malware ...

The CVSS‑9.3 vulnerability allows unauthenticated remote code execution on exposed Marimo servers and was exploited in the wild shortly after disclosure, Sysdig says.

North Korea's Sapphire Sleet uses fake job offers and phony Zoom updates to deliver ClickFix attacks that steal credentials ...

Exposed LLM servers are being actively scanned and exploited. Learn how attackers find misconfigured AI infrastructure and ...

The 9.1-CVSS vulnerability enables attackers to circumvent RCE protections in the de facto template engine for the Java ...

According to Bleeping Computer, the BlueHammer vulnerability is a Local Privilege Escalation (LPE) flaw that leverages a ...

Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who ...

Security researchers discovered a remote code execution (RCE) vulnerability in Apache ActiveMQ Classic that has gone ...