Critical CVE-2026-2329 flaw in Grandstream GXP1600 VoIP phones enables unauthenticated RCE, call interception, and credential theft.

Underground Telegram channels shared SmarterMail exploit PoCs and stolen admin credentials within days of disclosure. Flare explains how monitoring these communities reveals rapid weaponization of CVE ...

CISA adds four actively exploited vulnerabilities to its KEV catalog, including Chrome RCE, Zimbra SSRF, Windows ActiveX, and ...

Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local ...

SecureLayer7 Blackf0g researcher team A critical RCE vulnerability in n8n has been identified and patched. n8n’s AI ...

SmarterMail administrators have an urgent security update to prioritize: a critical unauthenticated remote code execution (RCE) vulnerability with a CVSS ...

For the second time in less than a month, researchers have uncovered critical vulnerabilities in a key AI workflow automation system that many organizations have begun using to integrate LLMs into ...

A total of 12 vulnerabilities have been fixed in OpenSSL, all discovered by a single cybersecurity firm. All 12 vulnerabilities patched in the open source SSL/TLS toolkit were discovered by ...

This score calculates overall vulnerability severity from 0 to 10 and is based on the Common Vulnerability Scoring System (CVSS). Attack vector: More severe the more the remote (logically and ...

A zero-day vulnerability affecting a range of Cisco's unified communications products has been exploited by threat actors, though details of the activity are unclear. Cisco on Wednesday disclosed and ...

Cisco patched a critical exploit affecting some of its communication-based products. Designated as CVE-2026-20045, the vulnerability allows bad actors to run arbitrary commands on an affected device’s ...