A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.

CERT-IN has issued a critical alert for Google Chrome desktop users, highlighting a vulnerability that could allow remote hackers to execute arbitrary code on affected systems.

A new vulnerability database has launched in the EU, in a bid to reduce dependence on the U.S. program. Here's what you need ...

Microsoft has released emergency security updates to patch a high-severity Office zero-day vulnerability exploited in attacks ...

Microsoft has finally addressed a serious zero-day vulnerability affecting multiple Office versions. However, not all users ...

A zero-day vulnerability in WatchGuard Firebox firewalls is under active exploitation, marking the latest attacks against edge devices this month. WatchGuard disclosed the vulnerability, tracked as ...

In the club, we all care about system security. When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. "System security is not a matter to be taken ...

The European Union Agency for Cybersecurity (Enisa) has debuted a European Union Vulnerability Database (EUVD) to provide “aggregated, reliable and actionable” information on newly disclosed cyber ...

Now would be a good time to update all your Bluetooth audio devices. On Thursday, Wired reported on a security flaw in 17 ...

The UK’s National Cyber Security Centre (NCSC) has lifted the lid on a Vulnerability Research Initiative (VRI) programme designed to engage the private sector on vulnerability research and discovery ...

WhisperPair can give hackers an ear into your microphones, speakers, and in some cases, even your location. The vulnerability ...