IPOR Labs suffered a $336,000 exploit targeting its USDC Fusion Optimizer vault on Arbitrum, with the attack exploiting a combination of legacy contract vulnerabilities and Ethereum’s newly ...

Business-grade email server software SmarterMail just patched a maximum-severity vulnerability that allowed threat actors to ...

Threat actors are exploiting CVE-2026-0625, a critical zero-day vulnerability in discontinued D-Link devices for remote code ...

The flaw allows authenticated n8n users with workflow-creation or modification permissions to bypass the intended security sandbox.

Critical n8n flaw CVE-2025-68668 allows authenticated users to run system commands via workflows; affects versions 1.0.0 to ...

December 2025 was a brutal reality check for security teams. While most were winding down for the holidays, threat actors weaponized a tectonic shift in the landscape, headlined by the... The post Top ...

A newly disclosed macOS vulnerability bypasses Apple’s TCC privacy controls, allowing silent access to files, microphone data ...

CISA adds two vulnerabilities affecting Microsoft Office and HPE OneView to its KEV list, urging agencies to patch by January ...

If you're unaware, web browsers are horribly insecure. They're like a ship with a thousand holes and a thousand sailors with ...

The explosive, easy-to-trigger vulnerability was exploited within hours of disclosure, exposing the risks of default ...

AI coding agents are highly vulnerable to zero-click attacks hidden in simple prompts on websites and repositories, a ...