The latest phMonitor vulnerability continues a multiyear pattern of unauthenticated command‑injection flaws in Fortinet’s ...

DeadLock, a ransomware group that first emerged in July 2025, has made news again, and this time it is for abusing Polygon ...

Exploit code has been published for CVE-2025-64155, a critical command injection vulnerability affecting Fortinet FortiSIEM ...

Palo Alto Networks fixed CVE-2026-0227, new GlobalProtect flaw that lets unauthenticated attackers trigger firewall DoS & ...

Threat actors are exploiting CVE-2026-0625, a critical zero-day vulnerability in discontinued D-Link devices for remote code ...

Among them is a zero-day vulnerability in Desktop Window Manager (DWM) designated as CVE-2026-20805 (CVSS score: 5.5), which ...

A critical WordPress Modular DS plugin flaw (CVE-2026-23550) allows unauthenticated attackers to gain admin access; patched in version 2.5.2.

Eight Windows and Office vulnerabilities patched this month have been assigned a critical severity rating. A majority can be ...

Over 10,000 Internet-exposed Fortinet firewalls are still vulnerable to attacks exploiting a five-year-old two-factor ...

Hackers are actively exploiting a maximum severity flaw in the Modular DS WordPress plugin that allows them to bypass ...

Microsoft has patched three zero-day vulnerabilities in the first patch Tuesday of 2026, including one under active ...

Max-severity OneView hole joins a PowerPoint bug that should've been retired years ago CISA has added a pair of security ...