Critical flaw in Protobuf library enables JavaScript code execution

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used ...
CSOonline

Microsoft demonstrates remote code execution exploit against PLCs that support CODESYS

Researchers from Microsoft have demonstrated how programmable logic controllers (PLCs) that support the CODESYS runtime can be taken over by exploiting high-severity remote code execution (RCE) ...
Cybernews

Disgruntled hacker drops second zero-day Windows Defender exploit just hours after Microsoft patches first one

A disgruntled researcher released a second zero-day Windows Defender exploit, dubbed RedSun, shortly after Microsoft patched ...
Bleeping Computer

Exploit code released for critical Ivanti RCE flaw, patch now

A proof-of-concept (PoC) exploit for CVE-2024-29847, a critical remote code execution (RCE) vulnerability in Ivanti Endpoint Manager, is now publicly released, making it crucial to update devices. The ...
Dark Reading

Adobe Patches Actively Exploited Zero-Day That Lingered for Months

An attacker has been using maliciously crafted PDF files to exploit a zero-day in Adobe Acrobat and Reader for at least four ...
WinBuzzer

Microsoft April 2026 Patch Tuesday Fixes 167 Flaws, 2 Zero-Days

Microsoft has fixed 167 vulnerabilities in its April 2026 Patch Tuesday update, including an actively exploited SharePoint ...
Dark Reading

Attackers Exploit Citrix Zero-Day Bug to Pwn NetScaler ADC, Gateway

Cyberattackers are actively exploiting a critical remote code execution (RCE) bug in several versions of Citrix's NetScaler ADC and NetScaler Gateway application delivery and remote access ...
Abu Dhabi News

Hackers Exploit Six Zero-Day Windows Flaws in Coordinated Attacks

IT administrators have learned to fear a certain type of Tuesday, and February 11 was one of those days. This time, Microsoft ...
Infosecurity-magazine.com

Exploit Code Released For Critical Fortra GoAnywhere Bug

Threat actors could soon strike after a proof-of-concept exploit was published for a critical vulnerability in managed file transfer (MFT) software Fortra GoAnywhere MFT yesterday. Horizon3 published ...