Critical CVE-2026-2329 flaw in Grandstream GXP1600 VoIP phones enables unauthenticated RCE, call interception, and credential theft.

Threat actors began targeting a recently patched BeyondTrust vulnerability shortly after a proof-of-concept (PoC) exploit was released.

Three of the four vulnerabilities remained unpatched months after OX Security reported them to the maintainers.

Fortinet has fixed nine vulnerabilities, including high-severity command execution and authentication bypass flaws.

Docker has released security fixes for a critical vulnerability affecting its AI-assisted feature known as Ask Gordon. The ...

Google released a Chrome security update fixing two high-severity flaws that could enable code execution or crashes via malicious websites.

Microsoft has released its August 2025 Patch package, a cumulative set of updates addressing more than 100 vulnerabilities across a host of its products. Microsoft’s SharePoint Server Remote Code ...

Smug faces across all those who opposed the WordPad-ification of Microsoft's humble text editor Just months after Microsoft ...

Remote code execution vulnerabilities pose especially critical threats to organizations, and VMware’s stronghold in data centers worldwide give patching these flaws particular urgency. VMware fixed ...

Today is Microsoft's April 2025 Patch Tuesday, which includes security updates for 134 flaws, including one actively exploited zero-day vulnerability. This Patch Tuesday also fixes eleven "Critical" ...

Careful out there.

Today is Microsoft's June 2025 Patch Tuesday, which includes security updates for 66 flaws, including one actively exploited vulnerability and another that was publicly disclosed. This Patch Tuesday ...