A flaw in Hugging Face Transformers could allow malicious AI models to execute code, exposing credentials and highlighting AI ...

An autonomous AI agent built on Claude Opus reportedly chained together zero-day vulnerabilities in GitHub Actions workflows, ...

A critical vulnerability in the Everest Forms Pro plugin for WordPress has been actively exploited to hijack vulnerable ...

Hackers are exploiting a critical vulnerability in Mirasvit Full Page Cache Warmer to execute code remotely on Magento ...

For roughly 18 years, a chunk of code inside one of the internet’s most popular web servers quietly carried a critical security flaw. Nobody caught it. Not the open-source contributors who maintained ...

With over 2.2 billion installs, the flawed Python package offers attackers a huge blast radius, including silent access to ...

Open source Git service Gogs is affected by a critical-severity zero-day vulnerability that exposes servers to remote code execution.

A critical security vulnerability has been disclosed in Gogs, a popular open-source self-hosted Git service, that allows an ...

An unpatched zero-day vulnerability in the Gogs self-hosted Git service can allow attackers to gain remote code execution (RCE) on Internet-facing instances. Designed as an alternative to GitHub ...

The remote code execution flaw enables root access and voice attacks on HP Poly VoIP phones, including eavesdropping and the ...

In early March, GitHub patched a critical remote code execution vulnerability (CVE-2026-3854) that could have allowed attackers to access millions of private repositories. The flaw was reported on ...

A 9.9-severity vulnerability in Flowise’s MCP stdio implementation can allow attackers to achieve remote code execution in ...