The issue allowed attackers to "execute arbitrary code inside a sandbox".

Apple released several emergency security updates on Wednesday to fix a zero-day vulnerability that had already been exploited in advanced cyberattacks against its devices. According to notes shared ...

SolarWinds has patched four critical-severity remote code execution vulnerabilities in the Serv-U enterprise file transfer product.

Google has released emergency updates to fix a high-severity Chrome vulnerability exploited in zero-day attacks, marking the ...

The Forum of Incident Response and Security Teams (FIRST) officially launched the fourth version of the Common Vulnerability Scoring System (CVSS 4.0), in November 2023. CVSS 4.0, the industry ...

Were the CVE program to be discontinued, security teams would have a hard time finding one resource that would function with the same impact across the board. Here are current issues of relying on CVE ...

Apple has released emergency security updates to fix two zero-day vulnerabilities that attackers actively exploited in highly targeted attacks. The company described the activity as an "extremely ...

Notepad++ 8.9.2 fixes update hijack exploited to deliver malware, patches RCE flaw, and hardens WinGUp security.

The Cybersecurity and Infrastructure Security Agency (CISA) has added 41 vulnerabilities to its catalog of known exploited flaws this week. The US federal agency has urged all organizations to ...

Forbes contributors publish independent expert analyses and insights. Kate O’Flaherty is a cybersecurity and privacy journalist. U.S. President Donald Trump has cut funding for the global database of ...