Code Defence

A critical privilege escalation flaw in the Windows security subsystem has been added to the federal list of known exploited […]

A maximum-severity privilege escalation vulnerability in a core web development framework allows attackers to bypass security boundaries and execute code

A critical vulnerability in a popular web server management interface is being weaponized to hijack enterprise web traffic and steal

A sophisticated supply chain attack targeting the Node Package Manager (npm) ecosystem is leveraging compromised developer tokens to distribute malicious

Two critical vulnerabilities in the management plane of modern software-defined networking infrastructure are being actively exploited in the wild. These

CISA has issued an emergency warning regarding the ongoing fallout from the supply chain compromise affecting the Axios npm package.

A critical remote code execution vulnerability has been uncovered in the widely used protobuf.js library. An attacker can exploit this

A cluster of 22 high-severity vulnerabilities has been identified in industrial serial-to-IP converters used to bridge legacy applications with modern

Unauthenticated attackers are rampantly exploiting a critical SQL injection flaw in endpoint management servers to execute unauthorized commands. The volume

An unauthenticated remote code execution vulnerability in the core Windows networking stack is being exploited to compromise VPN gateways and