F5 fixes CVE-2026-42530 and CVE-2026-42055 in NGINX Open Source, addressing HTTP/3 and HTTP/2 flaws that could allow remote ...
A flaw in Hugging Face Transformers could allow malicious AI models to execute code, exposing credentials and highlighting AI supply chain risks.
In early March, GitHub patched a critical remote code execution vulnerability (CVE-2026-3854) that could have allowed attackers to access millions of private repositories. The flaw was reported on ...
Microsoft disrupted StegoAd, a malicious browser extension campaign affecting up to 2.6 million users. StegoAd used hidden payloads, delayed execution and steganography to evade browser security ...
データセキュリティプラットフォーム・Cyeraの研究チームが、ノーコードでワークフローを自動化するツール「n8n」で、認証不要のリモートコード実行を可能にするn8nの重大な脆弱(ぜいじゃく)性「Ni8mare(CVE-2026-21858)」を発見しました。 Ni8mare ...
Multiple Malaysian government websites have been compromised in a series of cyberattacks, the National Cyber Security Agency (NACSA) confirmed. The attacks are believed to have exploited a critical ...
A critical zero-day vulnerability in Microsoft SharePoint is being exploited in the wild right now, and more than 1,300 servers remain exposed to the public internet with no patch applied. The flaw, ...