Critical CVE-2026-2329 flaw in Grandstream GXP1600 VoIP phones enables unauthenticated RCE, call interception, and credential theft.

Three of the four vulnerabilities remained unpatched months after OX Security reported them to the maintainers.

Microsoft fixes a critical Notepad vulnerability in Windows 11 that could allow remote code execution via malicious Markdown files. Here are the details ...

Google fixes actively exploited Chrome zero-day CVE-2026-2441, a high-severity CSS use-after-free flaw enabling sandboxed ...

CERT-In has issued a high-severity alert for Google Chrome desktop users, warning of a vulnerability that could allow remote ...

Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local ...

Google has released an emergency update to patch an actively exploited zero-day—the first Chrome zero-day of the year.

CERT-In warns of a high-risk Chrome vulnerability on Windows, macOS and Linux. Update Chrome now to prevent system compromise ...

Even the company’s Notepad app, which once allowed users to jot down notes in plain text, has turned into a bloated, ...

The campaign exploits an Office vulnerability to deliver the modular XWorm RAT, chaining HTA, PowerShell, and in-memory .NET execution to sidestep detection and expand post-compromise control.

Over the past two weeks, most coverage around Moltbot and OpenClaw has chased the flashy angle. One-click exploits, remote code execution, APT chatter, scary screenshots. Meanwhile, security teams are ...

CERT-In has issued a critical security advisory for Google Chrome users, highlighting a "High" severity vulnerability, CVE-2026-2441. This flaw allows remote attackers to execute malicious code simply ...