OpenSSL updates released on Tuesday patch a dozen vulnerabilities, including a high-severity remote code execution flaw.

Ivanti has disclosed two critical vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM), tracked as CVE-2026-1281 and CVE-2026-1340, that were exploited in zero-day attacks.

The National Institute of Standards and Technology is preparing to shift its role in the globally-adopted vulnerability ...

CISA confirmed on Wednesday that ransomware gangs have begun exploiting a high-severity VMware ESXi sandbox escape ...

The WinRAR vulnerability tracked as CVE-2025-8088 was discovered and patched in July 2025, but the popular file archiver continues to suffer from its fallout. According to ...

All Intel processors since 2018 are affected by Branch Privilege Injection. The image shows an example of an Intel server system. Anyone who speculates on likely events ahead of time and prepares ...

A new vulnerability in GitLab’s Ultimate Enterprise Edition used for managing source code is “dangerous” and needs to be quickly patched, says an expert. The vulnerability, CVE-2025-5121, is one of 10 ...

For the past two years, cybersecurity teams have been facing an explosion of publicly reported vulnerabilities in software and hardware products, making it increasingly challenging to prioritize patch ...

The European Union Agency for Cybersecurity (Enisa) has debuted a European Union Vulnerability Database (EUVD) to provide “aggregated, reliable and actionable” information on newly disclosed cyber ...

The UK’s National Cyber Security Centre (NCSC) has lifted the lid on a Vulnerability Research Initiative (VRI) programme designed to engage the private sector on vulnerability research and discovery ...

NetWeaver AS Java hole, rated severity 10, allows an unauthenticated attacker to execute arbitrary OS commands, and NTLM bug is rated likely for exploitation, warn security vendors. CISOs with SAP ...