Critical CVE-2026-2329 flaw in Grandstream GXP1600 VoIP phones enables unauthenticated RCE, call interception, and credential theft.

Threat actors began targeting a recently patched BeyondTrust vulnerability shortly after a proof-of-concept (PoC) exploit was released.

Smug faces across all those who opposed the WordPad-ification of Microsoft's humble text editor Just months after Microsoft ...

The vulnerability comes from the way Notepad handles Markdown hyperlinks. Attackers craft malicious .md files with embedded ...

Security researchers from LayerX identified a new flaw in 50 Claude Desktop Extensions that could lead to unauthorized remote code execution ...

Microsoft has fixed a "remote code execution" vulnerability in Windows 11 Notepad that allowed attackers to execute local or ...

A critical pre-authentication remote code execution vulnerability in BeyondTrust Remote Support and Privileged Remote Access ...

Microsoft has patched the Windows Notepad remote code execution vulnerability CVE-2026-20841, warning users to install February 2026 updates to block exploits.

Windows Server 2025 is currently open to a Remote Code Execution exploit via the Windows Update Service, and at the time of this writing a fix from Microsoft has yet to fully patch the issue. Reports ...

A zero-click vulnerability in Claude Desktop Extensions has exposed over 10,000 users to remote code execution through ...

Enterprises relying on Gladinet’s file-sharing services are faced with another round of zero-day patching, this time to block attackers from abusing cryptographic keys directly baked into its ...