A critical security flaw in NVIDIA’s Merlin Transformers4Rec framework allows threat actors to execute code remotely with root-level access, raising alarm across the AI ecosystem. The vulnerability, ...

A newly-uncovered RCE flaw in SolarWinds' helpdesk product bypasses two previously-issued fixes, and users should prioritise ...

New report outlines the Top 25 MCP vulnerabilities and how attackers could exploit AI agents, plus strategies for defense.

Cisco users are urgently advised to update their firewall command center in light of a remote code execution (RCE) vulnerability. According to a "critical"-level alert issued last week, Cisco’s Secure ...

Plex notified some users late last week of a vulnerability affecting certain Plex media servers. It's not yet clear what exactly the vulnerability is, but it's believed to be serious. If you run a ...

Yesterday was Patch Tuesday for Microsoft, which means tons of security updates across the company’s products and services. Specifically, 107 new security vulnerabilities have been patched. Microsoft ...

A severe remote code execution (RCE) vulnerability in Erlang’s Open Telecom Platform (OTP) Secure Shell daemon (sshd) is being actively exploited. According to a new analysis by Palo Alto’s Unit 42, ...

A max-severity RCE vulnerability in Erlang’s OTP SSH daemon, CVE-2025-32433, was actively exploited in OT networks across six countries, targeting firewalls in critical infrastructure sectors. A ...

ESET Research discovered a zero-day vulnerability in WinRAR being exploited in the wild in the guise of job application documents; the weaponized archives exploited a path traversal flaw to compromise ...

Automated security reviews in Claude Code help ensure code safety. Spot and fix vulnerabilities before your code reaches production. Run the /security-review command in the terminal or via GitHub ...

Researchers needed less than 48 hours with Google’s new Gemini CLI coding agent to devise an exploit that made a default configuration of the tool surreptitiously exfiltrate sensitive data to an ...

Microsoft has patched three critical zero-day SharePoint security flaws that hackers have already exploited to attack more vulnerable organizations. Responding to the exploits, the software giant ...