The vulnerability is a variant of a CVE linked to the 2024 hack of the U.S. Treasury Department, according to researchers.

Zyxel has released security updates to address a critical vulnerability impacting multiple models of its business routers, potentially allowing unauthenticated attackers to perform OS command ...

BeyondTrust warned customers to patch a critical security flaw in its Remote Support (RS) and Privileged Remote Access (PRA) software that could allow unauthenticated attackers to execute arbitrary ...

BeyondTrust fixes CVSS 9.9 pre-auth RCE flaw (CVE-2026-1731) in Remote Support and PRA; 11,000 instances exposed.

Microsoft has patched the Windows Notepad remote code execution vulnerability CVE-2026-20841, warning users to install ...

Update: In a statement to ZDNet, Fortinet criticized Rapid7 for releasing the study and said a patch would be released by the end of the month. "The security of our customers is always our first ...

Security vulnerabilities in some connected video conferencing products could allow hackers to remotely gain control of equipment and use it as a snooping tool. The remote OS command injection ...

CISA warns of a new SmarterTools SmarterMail vulnerability exploited by ransomware groups for unauthenticated RCE.