CISA adds an actively exploited Digiever DS-2105 Pro NVR vulnerability to KEV, warning of botnet attacks and urging ...

Microsoft has released its August 2025 Patch package, a cumulative set of updates addressing more than 100 vulnerabilities across a host of its products. Microsoft’s SharePoint Server Remote Code ...

HPE patched a critical OneView vulnerability with CVSS 10.0 that could allow unauthenticated remote code execution in ...

Over 115,000 WatchGuard Firebox devices exposed online remain unpatched against a critical remote code execution (RCE) ...

WatchGuard has warned customers to patch a critical, actively exploited remote code execution (RCE) vulnerability in its ...

WatchGuard warns that the critical Firebox vulnerability CVE-2025-14733 has been exploited in attacks for remote code ...

Overview On December 10, NSFOCUS CERT detected that Microsoft released the December Security Update patch, which fixed 57 security issues involving widely used products such as Windows, Microsoft ...

According to Microsoft, a zero-day flaw is one that has been publicly disclosed or actively exploited while no official fix has been deployed. Bleeding Computer reports that the exploited zero-day ...

In the remote maintenance software Connectwise ScreenConnect, authenticated attackers can inject malicious code. An update is available.

An unauthenticated user can execute the attack, and there’s no mitigation, just a hotfix that should be applied immediately.

The vulnerability, tracked as CVE-2025-68664 and dubbed “LangGrinch,” has a Common Vulnerability Scoring System score of 9.3.

Remote code execution vulnerabilities pose especially critical threats to organizations, and VMware’s stronghold in data centers worldwide give patching these flaws particular urgency. VMware fixed ...