A critical vulnerability in the Ninja Forms File Uploads premium add-on for WordPress allows uploading arbitrary files without authentication, which can lead to remote code execution.

Over 1,000 exposed ComfyUI instances exploited via unauthenticated code execution, enabling Monero mining and botnet expansion.

A simple prompt sent Claude Code on a mission that uncovered major security vulnerabilities in popular text editors — and ...

Threat actors have started exploiting CVE-2025-59528, a critical Flowise vulnerability leading to remote code execution.

Drift Protocol reveals details of the April 1 exploit, tracing a six-month social engineering attack causing over $280M in ...

Drift Protocol said the attackers posed as traders, met contributors in person, and spent months infiltrating before draining the platform.

Coruna reuses Triangulation kernel exploits targeting iOS 13–17.2.1 devices, expanding attacks into mass exploitation ...

The Medusa ransomware group is operating at a fast pace by leveraging zero-days and quickly exploiting new bugs and breached systems.

Microsoft SharePoint, a core platform for enterprise collaboration, is facing active exploitation through a newly confirmed ...

Anthropic said on Tuesday that it has halted the broader release of its newest AI model, Mythos, due to concerns that it is ...

Hackers are exploiting a maximum-severity vulnerability, tracked as CVE-2025-59528, in the open-source platform Flowise for ...

Attackers weaponized critical RCE within hours, prompting CISA to add the flaw to its KEV catalog and set an urgent patch ...