Google fixes actively exploited Chrome zero-day CVE-2026-2441, a high-severity CSS use-after-free flaw enabling sandboxed remote code execution.

Google has released a security update to patch a newly discovered zero-day in Chrome and the company warned an exploit exists in the wild. The update, published on February 13, was accompanied by an ...

Threat actors began targeting a recently patched BeyondTrust vulnerability shortly after a proof-of-concept (PoC) exploit was released.

A zero-day vulnerability that has been with iOS since the first iPhone launched has been identified and patched out by Apple, ...

A hacking campaign took just days to exploit a newly disclosed security vulnerability in Microsoft Windows version of WinRAR, ...

A critical pre-authentication remote code execution vulnerability in BeyondTrust Remote Support and Privileged Remote Access appliances is now being exploited in attacks after a PoC was published ...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is seeing active exploits related to the ConnectWise ScreenConnect vulnerability that was reported earlier last week. Vulnerabilities ...

Thousands of sites running WordPress remain unpatched against a critical security flaw in a widely used plugin that was being actively exploited in attacks that allow for unauthenticated execution of ...

Ivanti's enterprise VPN solution faces another instance of active exploitation due to a recent vulnerability, marking the third flaw discovered in Ivanti's Connect Secure VPN. One of the newly ...