Today is Microsoft's April 2026 Patch Tuesday with security updates for 167 flaws, including 2 zero-day vulnerabilities.

CERT-In flags multiple vulnerabilities in Google Chrome that could allow remote code execution and data theft, urging users ...

CISA has expanded the KEV catalog to include seven vulnerabilities, including Windows flaws that lead to privilege escalation ...

ShowDoc CVE-2025-0520 exploited due to unpatched versions before 2.8.7, enabling remote code execution on 2,000+ instances.

Satnam Narang, senior staff research engineer at Tenable, said April marks the second-biggest Patch Tuesday ever for ...

The CVSS‑9.3 vulnerability allows unauthenticated remote code execution on exposed Marimo servers and was exploited in the wild shortly after disclosure, Sysdig says.

A pre‑authentication bug in SAML Web SSO, combined with weak access controls and cryptography, allows attackers to escalate privileges and achieve remote code execution.

To protect the Pixel modem from zero-day attacks, Google focused on the DNS parser. As cellular features have migrated to ...

Microsoft today pushed software updates to fix a staggering 167 security vulnerabilities in its Windows operating systems and related software, including a SharePoint Server zero-day and a publicly ...

Google is bringing memory-safe Rust code to the Pixel 10 modem to protect users from remote hacking and memory-safety ...

An attacker has been using maliciously crafted PDF files to exploit a zero-day in Adobe Acrobat and Reader for at least four ...

Anthropic’s Claude Code now controls macOS apps with mouse, keyboard, and screenshots, plus remote actions via the new ...