Progress has released patches for multiple remote code execution and OS command injection flaws in MOVEit WAF and LoadMaster.

A new Mirai-based malware campaign is actively exploiting CVE-2025-29635, a high-severity command-injection vulnerability ...

Hackers have been unsuccessfully targeting CVE-2023-33538, a vulnerability in discontinued TP-Link routers, for a year.

CVE-2026-39808 is an OS command injection flaw in FortiSandbox that allows unauthenticated attackers to execute unauthorized ...

Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who ...

FortiGuard Labs has identified a Mirai-based Nexcorium campaign actively exploiting CVE-2024-3721 in TBK DVR devices ...

A Linux variant of the GoGra backdoor uses legitimate Microsoft infrastructure, relying on an Outlook inbox for stealthy ...

A previously unknown threat group using tried-and-tested social engineering tactics - Microsoft Teams chat invitations and ...

For the enterprise, the Desktop GUI is likely to become the standard for management and review, while the CLI remains the ...

IntroductionOn March 12, 2026, Zscaler ThreatLabz discovered a malicious ZIP archive containing military-themed document lures targeting Chinese-speaking individuals. Our analysis of this sample ...

The supply chain attack on third-party library Axios has forced OpenAI to revoke its code-signing certificate and require ...

Remember when you had to really dig in concentrate and understand exactly how C# and other code worked at the most basic levels? Then you'll like Microsoft's early preview of .NET 11.