A high-severity Cross-Site Scripting (XSS) vulnerability, tracked as CVE-2026-32635, has been disclosed in the Angular framework’s runtime...
Cyber Attack
An uncovered coordinated software supply chain campaign tied to the GitHub account BufferZoneCorp and the RubyGems profile knot-theory, targeting developers,...
A malicious artifact has been identified in the widely used intercom/intercom-php Packagist package (version 5.0.2), confirming that the ongoing...
A critical flaw, currently unpatched remote code execution vulnerability (CVE-2026-25874) in HuggingFace’s LeRobot robotics framework allows any...
Frappe Framework has disclosed a Stored Cross-Site Scripting (XSS) vulnerability, tracked as CVE-2026-28436, affecting all versions before...
A critical remote code execution (RCE) vulnerability in GitHub’s internal git infrastructure, CVE-2026-3854 (CVSS: 8.7), that allowed any authenticated...
A high-severity Remote Code Execution (RCE) vulnerability, tracked as CVE-2026-33725, has been disclosed in Metabase Enterprise Edition,...
Moxa, a leading industrial networking and communications manufacturer, has disclosed two serious security vulnerabilities affecting its Secure...
A high-severity vulnerability in the Nessus Agent for Windows, tracked as CVE-2026-33694, enables authenticated attackers to exploit...
A high-severity vulnerability (CVE-2026-41277) has been disclosed in Flowise, the popular open-source drag-and-drop LLM workflow builder, allowing...
