Electronic Arts (EA), which operates the battle royale FPS 'Apex Legends,' has announced that it will postpone the North American finals of the official tournament 'Apex Legends Global Series (ALGS).' ...

Fresh proof-of-concept (PoC) exploits are circulating in the wild for a widely targeted Atlassian Confluence Data Center and Confluence Server flaw. The new attack vectors could enable a malicious ...

Critical n8n flaw CVE-2025-68613 (CVSS 9.9) lets authenticated users run arbitrary code; versions 0.211.0–1.120.4 affected, ...

SafeBreach researchers developed a zero-click PoC exploit that crashes unpatched Windows Servers using the Windows ...

Over the weekend, ​Google's threat intelligence team linked five more Chinese hacking groups to attacks exploiting the maximum-severity "React2Shell" remote code execution vulnerability.

PandasAI, an open source project by SinaptikAI, has been found vulnerable to Prompt Injection attacks. An attacker with access to the chat prompt can craft malicious input that is interpreted as code, ...

Apache has fixed a critical security vulnerability in its open-source OFBiz (Open For Business) software, which could allow attackers to execute arbitrary code on vulnerable Linux and Windows servers.

Ransomware actors have been observed exploiting a zero-day Bring Your Own Vulnerable Driver (BYOVD) flaw in Paragon Partition Manager. The CERT Coordination Center (CERT/CC) issued a security update ...

The vulnerability represents a bypass of fixes put in place this year for three critical RCE flaws that had the same root cause and have since been used in attacks. Developers of Apache OFBiz, an open ...

Like most big tech companies, Samsung also runs a bug bounty program. As part of it, the brand offers significant rewards to those ethical hackers who can find bugs in its software. The company ...