Chrome CVE-2026-0628 let malicious extensions hijack Gemini panel for privilege escalation, local file access, and surveillance.

An OpenClaw vulnerability allowed malicious websites to take over AI agents, exposing sensitive information and enabling data ...

CISA added FileZen CVE-2026-25108 (CVSS 8.7) to its KEV catalog after active exploitation, affecting versions 4.2.1–4.2.8 and ...

Security researchers have disclosed a high-severity vulnerability dubbed "ClawJacked" in the popular AI agent OpenClaw that allowed a malicious website to silently bruteforce access to a locally ...

Juniper Networks released an out-of-band update for its Junos OS Evolved network operating system to patch a critical vulnerability.

Researchers say threat actors used the sophisticated — and unfortunately named — toolkit to target high-value networks for React2Shell exploitation.

The U.S. federal government is rethinking how to support its globally adopted vulnerability tracking ecosystem after years of backlogs, funding scares and growing doubts about whether the existing ...

Bad actors could use the flaw to remotely load and execute malicious files on a victim’s computer. Bad actors could use the flaw to remotely load and execute malicious files on a victim’s computer. is ...

A critical pre-authentication remote code execution vulnerability in BeyondTrust Remote Support and Privileged Remote Access appliances is now being exploited in attacks after a PoC was published ...

Russian-state hackers wasted no time exploiting a critical Microsoft Office vulnerability that allowed them to compromise the devices inside diplomatic, maritime, and transport organizations in more ...