A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.

Fortinet patches a critical FortiSIEM vulnerability (CVE-2025-64155) that allows unauthenticated remote code execution via ...

Vulnerabilities in Anthropic MCP server could be exploited via prompt injections to execute arbitrary code and read/delete arbitrary files.

Exploit code has been published for CVE-2025-64155, a critical command injection vulnerability affecting Fortinet FortiSIEM ...

Just yesterday, we noted the growing threat of ransomware. Now, Jamf Threat Labs is warning that North Korean threat actors ...

Anthropic’s official Git MCP server hit by chained flaws that enable file access and code execution - SiliconANGLE ...

January 2026 was a wake-up month for enterprise security teams. In a single week, CERT-In released three high-severity ...

First Patch Tuesday of 2026 goes big Microsoft and Uncle Sam have warned that a Windows bug disclosed today is already under ...

ClickFix uses fake CAPTCHAs and a signed Microsoft App-V script to deploy Amatera stealer on enterprise Windows systems.

The patched issues span core standard library components including archive/zip and net/http, as well as security-sensitive ...

Cisco patched a critical exploit affecting some of its communication-based products. Designated as CVE-2026-20045, the vulnerability allows bad actors to run arbitrary commands on an affected device’s ...

The critical-rated flaw leaves unpatched systems open to full takeover Cisco has finally shipped a fix for a critical-rated ...