Code Defence

Organizations have until the end of today to remediate a critical prototype pollution vulnerability in the world most popular PDF […]

A previously undocumented threat actor is leveraging social engineering via internal collaboration platforms to bypass traditional email security perimeters. This

Two critical vulnerabilities in a popular cloud migration and backup utility are being exploited to execute unauthorized commands on backup

A critical Server-Side Request Forgery vulnerability in a popular toolkit for deploying large language models is being actively weaponized to

A critical path traversal vulnerability in a widely used enterprise display management server has been added to the federal list

A critical pre-authentication remote code execution vulnerability in a popular AI orchestration framework is now being exploited in the wild.

A functional proof-of-concept exploit has been published for a critical command execution vulnerability in your automated threat analysis infrastructure. This

A large-scale automated campaign is currently exploiting a critical pre-authentication RCE in Next.js applications to siphon credentials from cloud-native environments.

Attackers are industrializing the exploitation of a critical privilege escalation flaw in the Windows security subsystem to gain SYSTEM-level access

A new ransomware threat actor has emerged, specifically targeting Managed Service Providers to deliver encryption payloads to dozens of downstream