Everyone, get your update hats on immediately, we're at DEFCON 1 ...

An 18-year-old flaw in the NGINX open-source web server, discovered using an autonomous scanning system, can be exploited for ...

A single rewrite rule, the kind pasted into NGINX configurations thousands of times a day, can hand an unauthenticated ...

GitHub’s engineering team developed a fix and deployed it just over an hour after identifying the root cause, protecting both ...

Microsoft has released its August 2025 Patch package, a cumulative set of updates addressing more than 100 vulnerabilities across a host of its products. Microsoft’s SharePoint Server Remote Code ...

Threat actors are exploiting CVE-2026-42945, a critical NGINX vulnerability that leads to remote code execution if ASLR is ...

TL;DR: Researchers recently disclosed CVE-2026-42945, a critical heap-based buffer overflow vulnerability affecting both NGINX Open Source and NGINX Plus. The flaw exists within the ...

Trend Micro has released security updates to address multiple critical-severity remote code execution and authentication bypass vulnerabilities that impact its Apex Central and Endpoint Encryption ...

An authentication bypass vulnerability in the printers, hardcoded at the factory, can be chained with another flaw for remote code execution on affected devices. Brother Industries is grappling with a ...

A critical Telnet vulnerability with a CVSS rating of 9.8 enables attackers to take full control of affected systems before authentication even kicks in, security researchers at Dream Security have ...

Microsoft has disclosed that a privilege escalation and a denial-of-service flaw in Defender has come under active ...

Security experts offer their takes on some of the flaws, including a set of vulnerabilities that could enable remote code execution in Microsoft Office. Microsoft patched 68 vulnerabilities in the ...