Critical CVE-2026-2329 flaw in Grandstream GXP1600 VoIP phones enables unauthenticated RCE, call interception, and credential ...

You can infect your PC with malware without ever leaving Notepad, thanks to recent updates and additions. Hooray.

Microsoft fixes a critical Notepad vulnerability in Windows 11 that could allow remote code execution via malicious Markdown files. Here are the details ...

Three of the four vulnerabilities remained unpatched months after OX Security reported them to the maintainers.

BeyondTrust warned customers to patch a critical security flaw in its Remote Support (RS) and Privileged Remote Access (PRA) software that could allow unauthenticated attackers to execute arbitrary ...

CERT-In has issued a high-severity alert for Google Chrome desktop users, warning of a vulnerability that could allow remote ...

Google released a Chrome security update fixing two high-severity flaws that could enable code execution or crashes via malicious websites.

A critical sandbox escape vulnerability in Grist-Core has been disclosed that allows remote code execution (RCE) through a single malicious spreadsheet formula. The issue was uncovered by Cyera ...

Threat actors behind the campaign are abusing Microsoft Visual Studio Code’s trusted workflows to execute and persist malicious code. Threat actors behind the long-running Contagious Interview ...

There's a remote code execution vulnerability in Notepad which is leveraged via the recently introduced formatting abilities to make tables in the app.

Compromised dYdX npm and PyPI packages delivered wallet-stealing malware and a RAT via poisoned updates in a software supply chain attack.

Google has released an emergency update to patch an actively exploited zero-day—the first Chrome zero-day of the year.