Reclassified as a remote code execution flaw, the F5 BIG-IP APM vulnerability has been upgraded to CVSS 9.8, requiring ...
A critical SQL injection flaw in FortiClient EMS allows remote code execution and data exfiltration, leaving thousands of ...
The bug was assigned CVE-2025-2135, and we successfully used it to pwn Google’s V8CTF as a zero-day. The root cause lies in TurboFan’s InferMapsUnsafe() function, which fails to handle aliasing when ...
Attacks leveraging the 'PolyShell' vulnerability in version 2 of Magento Open Source and Adobe Commerce installations are ...
Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...
IT managers who use F5 BIG-IP Access Policy Manager (APM) (now operating under the name “BIG-IP Zero Trust Access”) for app ...
Indias CERT-In warns of high severity Apple vulnerabilities across iOS, iPadOS, macOS and related apps. Update devices ...
TA446 used leaked DarkSword on March 26 to target iOS devices, prompting Apple alerts and widening mobile espionage risks.
Axios, a widely used JavaScript HTTP client, was briefly distributed through npm in two malicious versions after a maintainer account was taken over. Security r ...
Securing dynamic AI agent code execution requires true workload isolation—a challenge Cloudflare’s new API was built to solve ...
Axios functions as pre-built software that a developer can easily incorporate into a JavaScript project. However, a hacker ...
Discover the architecture behind Cloudflare's Dynamic Workers. Learn how they eliminate cold starts and make serverless sandboxes 100x faster for developers.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results