GitHub has patched a high-severity remote code execution vulnerability that allowed anyone with push access to a private ...

A critical zero-day vulnerability in Microsoft SharePoint is being exploited in the wild right now, and more than 1,300 ...

CISA added two actively exploited CVEs to KEV after confirmed attacks, mandating FCEB patching by May 12, 2026.

CVSS vulnerability triage missed a chained Palo Alto attack that hit 13,000 devices. Five failure classes and the fixes ...

CVE-2026-32202 actively exploited after April 27 advisory fix, exposing NTLMv2 hashes via zero-click SMB authentication.

A new Meta security advisory has disclosed two WhatsApp vulnerabilities, CVE-2026-23863 and CVE-2026-23866. Here’s what you ...

NIST’s shift toward selective CVE enrichment creates significant visibility gaps for teams relying solely on the National Vulnerability Database. As AI accelerates vulnerability disclosure rates, ...

CVE-2026-41940 is a critical authentication bypass vulnerability affecting cPanel & WHM, including DNSOnly, in versions after ...

NIST announces big changes to the way it categorises and manages CVEs, set to have a big impact on how organisations manage patching and remediation.

The team behind the US National Vulnerability Database (NVD) can’t keep up with the explosion of new reported vulnerabilities, said a top official of the US National Institute of Standards and ...

In keeping with the current administration's pledge to skinny down government to its skeletal remains, the Cybersecurity and Infrastructure Security Agency (CISA) was reportedly prepared to let its ...