An unpatched zero-day vulnerability in the Gogs self-hosted Git service can allow attackers to gain remote code execution (RCE) on Internet-facing instances. Designed as an alternative to GitHub ...

Ivanti has released emergency patches for its Endpoint Manager Mobile platform after confirming that attackers exploited a previously unknown vulnerability to execute code remotely on targeted servers ...

A critical vulnerability in the Erlang/OTP SSH, tracked as CVE-2025-32433, has been disclosed that allows for unauthenticated remote code execution on vulnerable devices. The flaw was discovered by ...

Proof-of-concept (PoC) code has been published for a one-click RCE vulnerability in open source LLM building platform Flowise.

Open source Git service Gogs is affected by a critical-severity zero-day vulnerability that exposes servers to remote code execution.

A critical security vulnerability has been disclosed in Gogs, a popular open-source self-hosted Git service, that allows an ...

Chinese APT group UNC5221 appears to have studied a recent Ivanti Connect Secure patch to develop a remote code execution exploit on previous versions, and on end-of-support Pulse Connect Secure ...

A team of security researchers chained two vulnerabilities in LiteLLM, the popular open-source proxy that routes enterprise ...

Windows Server 2025 is currently open to a Remote Code Execution exploit via the Windows Update Service, and at the time of this writing a fix from Microsoft has yet to fully patch the issue. Reports ...

Microsoft has disclosed that a privilege escalation and a denial-of-service flaw in Defender has come under active ...

The latest Microsoft Patch Tuesday rollout featured no zero-days. However, an angry hacker has just dropped two new 0-day exploits targeting Windows users.