F5 has reclassified a BIG-IP APM denial-of-service (DoS) vulnerability as a critical-severity remote code execution (RCE) flaw, warning that attackers are exploiting it to deploy webshells on ...

Threat actors are exploiting CVE-2025-53521, a critical F5 BIG-IP vulnerability that has been reclassified as a remote code execution issue.

Attackers rapidly exploited a critical Oracle WebLogic RCE flaw the same day exploit code was released, according to a ...

Veeam fixes 7 Backup & Replication flaws, including CVSS 9.9 RCE bugs, warning attackers may exploit unpatched systems.

CISA warned today that a critical Ivanti vulnerability that can let threat actors gain remote code execution on vulnerable Endpoint Manager (EPM) appliances is now actively exploited in attacks.

A newly disclosed vulnerability tracked as CVE-2026-32746 has put a spotlight back on a service most security teams would rather ...

Microsoft SharePoint, a core platform for enterprise collaboration, is facing active exploitation through a newly confirmed ...

Chinese APT group UNC5221 appears to have studied a recent Ivanti Connect Secure patch to develop a remote code execution exploit on previous versions, and on end-of-support Pulse Connect Secure ...

Windows Server 2025 is currently open to a Remote Code Execution exploit via the Windows Update Service, and at the time of this writing a fix from Microsoft has yet to fully patch the issue. Reports ...