A newly disclosed FFmpeg flaw dubbed 'PixelSmash' could be exploited for remote code execution on Jellyfin servers under ...

New activity targets CVE‑2026‑20230, an SSRF bug that can allow unauthenticated file writes and potential root‑level access ...

Microsoft details AutoJack exploit chain targeting AutoGen Studio MCP WebSocket in pre-release builds, enabling ...

CVE-2026-20230, a recently patched vulnerability affecting Cisco’s Unified Communications Manager, is being exploited in ...

A high-severity SSRF vulnerability, tracked as CVE-2026-20230, in Cisco Unified Communications Manager Server is now being ...

Paradigm Shift has published a working exploit for Apple's A12 and A13 SecureROM. The flaw is in hardware, so no patch will ...

What happened Security researchers at Paradigm Shift published a working exploit called usbliter8 that achieves arbitrary code execution inside the SecureROM of Apple’s A12 and A13 chips. SecureROM ...

PixelSmash is a vulnerability in the FFmpeg framework that can be exploited via crafted media files for remote code execution ...

Researchers disclosed usbliter8, a SecureROM exploit affecting older Apple devices that can bypass boot protections with ...

Cisco Unified CM CVE-2026-20230 is under active exploitation, allowing file writes on WebDialer-enabled systems.

What happened Threat actors are actively exploiting an unauthenticated information disclosure vulnerability in the Gravity SMTP WordPress plugin, which is installed on more than 100,000 WordPress ...

Millions of older iPhones, iPads, and Apple Watches with A12 and A13 chips are vulnerable to a permanent hardware flaw called ...