CVE-2026-3854 (CVSS 8.7) enabled GitHub RCE via git push, risking cross-tenant access to millions of repositories.

Ivanti warned customers today to patch their Ivanti Endpoint Manager Mobile (EPMM) software against two security vulnerabilities chained in attacks to gain remote code execution. "Ivanti has released ...

GitHub has patched a high-severity remote code execution vulnerability that allowed anyone with push access to a private ...

CISA warned today that a critical Ivanti vulnerability that can let threat actors gain remote code execution on vulnerable Endpoint Manager (EPM) appliances is now actively exploited in attacks.

A critical remote code execution and supply chain vulnerability was recently discovered by researchers in Gemini CLI.

Windows Server 2025 is currently open to a Remote Code Execution exploit via the Windows Update Service, and at the time of this writing a fix from Microsoft has yet to fully patch the issue. Reports ...

An unauthenticated user can execute the attack, and there’s no mitigation, just a hotfix that should be applied immediately. A maximum severity remote code execution vulnerability in Hewlett Packard ...

GitHub has disclosed a critical remote code execution flaw, CVE-2026-3854, exploitable via a single git push, and a popular PyPI package tied to GitHub Actions was hacked to deliver malware. Both ...

Patch SharePoint Now: Microsoft Servers at Risk of New ToolShell RCE Attack Your email has been sent How the ToolShell RCE attack works How to protect your SharePoint server from compromise What to do ...

Enterprises relying on Gladinet’s file-sharing services are faced with another round of zero-day patching, this time to block attackers from abusing cryptographic keys directly baked into its ...

How indirect prompt injection attacks on AI work - and 6 ways to shut them down ...