An ASP.NET feature, ViewState stores the state of a webpage in a hidden HTML field, for persistence. Attackers can target the ...

Hackers are increasingly using a new AI-powered offensive security framework called HexStrike-AI in real attacks to exploit ...

Commvault patched four flaws before 11.36.60, including CVE-2025-57790 (8.7 CVSS), preventing remote code execution.

watchTowr Labs researcher Piotr Bazydlo said the newly uncovered bugs could be fashioned into an exploit chain by bringing together the pre-auth HTML cache poisoning vulnerability with a ...

A critical code execution zero-day in all supported versions of Windows has been under active exploit for seven weeks, giving attackers a reliable means for installing malware without triggering ...

Chrome's latest release addresses a high-severity use-after-free vulnerability in the V8 JavaScript engine that could be ...

Researchers from Microsoft have demonstrated how programmable logic controllers (PLCs) that support the CODESYS runtime can be taken over by exploiting high-severity remote code execution (RCE ...

A hacker released what he claims is a zero-day exploit for older versions of the Parallels Plesk Panel, a popular Web hosting administration software package, that could allow attackers to inject ...

Researchers found four vulnerabilities in vRealize Log Insight that were relatively non-threatening on their own but lead to significant compromise when used together.

Zerodium has announced today an increased interest in exploits for the WordPress content management system that achieve remote code execution.

Researchers at Security Evaluators have found what is believed to be the first remote code execution flaw affecting the device -- a bug that can be used to take full control of an iPhone surfing ...

It does count as remote code execution because it's allowing execution of code when it shouldn't be possible.