Une nouvelle vulnérabilité (CVE-2026-26012) a été corrigée dans Vaultwarden : elle permet de récupérer les mots de passe chiffrés d'autres collections.
TP-Link fixed a critical flaw that exposed over 32 VIGI C and VIGI InSight camera models to remote hacking.
Technical details and a public exploit have been published for a critical vulnerability affecting Fortinet's Security Information and Event Management (SIEM) solution that could be leveraged by a remote, unauthenticated attacker to execute commands or code.
Scammers exploited a PayPal subscriptions feature to send legitimate emails from service@paypal.com, using fake purchase notifications to push tech support scams.
Learn how the JFrog Security research team discovered and disclosed CVE-2025-11953 which poses a threat to developers using the popular React Native CLI.
CISA says threat actors are now actively exploiting a high-severity Windows SMB privilege escalation vulnerability that can let them gain SYSTEM privileges on unpatched systems.
Welcome to Day One of Pwn2Own Ireland 2025! We have 17 attempts today with some exciting research on display. We’ll be posting results here as we have them, and follow us on Twitter , Mastodon , and Bluesky .
Microsoft links Storm-1175 to GoAnywhere flaw CVE-2025-10035, exploited since September for Medusa ransomware.
Microsoft patched CVE-2025-55241 July 17, 2025; CVSS 10.0 Entra ID bug via legacy Graph enabled cross-tenant impersonation risking tenant compromise.
Over 84,000 instances of the Roundcube webmail software are vulnerable to CVE-2025-49113, a critical remote code execution (RCE) vulnerability with a publicly available exploit.
A zero-day vulnerability in the Linux kernel was discovered, utilizing OpenAI's o3 model. This finding, designated as CVE-2025-37899, marks a significant advancement in AI-assisted vulnerability research.
: EUVD comes into play not a moment too soon
Cisco fixes CVE-2025-20188, a 10.0 CVSS flaw tied to hardcoded JWT in wireless controllers, preventing root-level remote exploits.