Microsoft Just Patched a Major Security Vulnerability for This Popular Windows App

AI-related changes to Notepad allowed attackers to execute arbitrary code on your computer. The vulnerability was related to ...

Mozilla Issues Firefox System Takeover Security Update

Security issue impacts Firefox web browser and Thunderbird email client, potentially enabling attackers to execute arbitrary ...
SecurityWeek

Google Patches First Actively Exploited Chrome Zero-Day of 2026

Google released an emergency Chrome update on Friday to patch a zero-day vulnerability that has been exploited in the wild.

10K Claude Desktop Users Exposed by Zero-Click Vulnerability

A zero-click flaw in Anthropic’s Claude Desktop Extensions allows attackers to trigger remote code execution via Google ...
TechJuice

Critical WordPress Plugin Flaw Exposes 900,000+ Sites to Remote Code Execution

A critical remote code execution flaw in the WPvivid Backup & Migration WordPress plugin puts over 900,000 sites at risk unless patched.

WordPress plugin with 900k installs vulnerable to critical RCE flaw

A critical vulnerability in the WPvivid Backup & Migration plugin for WordPress, installed on more than 900,000 websites, can be exploited to achieve remote code execution by uploading arbitrary files ...

Critical Apple Flaw Exploited in ‘Sophisticated’ Attacks, Company Urges Rapid Patching

Apple urges users to update after patching CVE-2026-20700, a zero-day flaw exploited in sophisticated targeted attacks across multiple devices.
SecurityWeek

Fortinet Patches High-Severity Vulnerabilities

Fortinet has fixed nine vulnerabilities, including high-severity command execution and authentication bypass flaws.
heise online

MCPoison: Vulnerability in Cursor IDE – Execute arbitrary code via MCP

Due to a lack of security checks, attackers can change MCP configurations in the Cursor IDE to execute arbitrary code. In the case of the vulnerability named MCPoison by the security analysts, which ...