Four Critical SolarWinds Serv-U RCE Flaws Enable Root Access
SolarWinds has released Serv-U 15.5.4 to address four critical vulnerabilities — CVE-2025-40538, CVE-2025-40539, CVE-2025-40540, and CVE-2025-40541 (CVSS 9.1) — that...
SolarWinds has released Serv-U 15.5.4 to address four critical vulnerabilities — CVE-2025-40538, CVE-2025-40539, CVE-2025-40540, and CVE-2025-40541 (CVSS 9.1) — that...
A high-severity vulnerability (CVE-2026-2441, CVSS pending vendor confirmation) has been disclosed in Google Chrome and the Chromium engine, allowing attackers...
Introduction A critical vulnerability (CVE-2026-1731, CVSS 9.9) was publicly disclosed on February 6, 2026 affecting BeyondTrust Remote Support (RS) and...
We forced GitHub to prompt-inject itself. It allowed us to control Copilot’s responses and exfiltrate Codespaces’ GITHUB_TOKEN secret. The end...
Introduction A critical vulnerability (CVE-2025-62878, CVSS 10.0) was disclosed on February 4, 2026 affecting all versions of Rancher's Local Path...
Executive Summary The Orca Research Pod has uncovered multiple attack vectors in GitHub Codespaces that allow remote code execution (RCE)...
Introduction A critical vulnerability (CVE-2026-22778, CVSS 9.8) was disclosed on February 2, 2026, affecting vLLM, a widely-deployed Python library for...
Introduction State-sponsored attackers compromised Notepad++'s hosting infrastructure from June through December 2025, hijacking the application's update mechanism to deliver malicious...
A critical vulnerability (CVE-2026-1470, CVSS 9.9) was disclosed on January 27, 2026 affecting n8n, the popular open-source workflow automation platform....