SecurityWeek

First-Ever Exploitation of PTC Windchill Vulnerability Discovered in the Wild

Hackers exploited a vulnerability in PTC Windchill in the wild, marking the first confirmed real-world abuse of the PLM ...
The Hacker News

Critical Splunk Enterprise Flaw Lets Attackers Run Code Without Authentication

Splunk issued security updates for a critical CVSS 9.8 vulnerability in Splunk Enterprise that allows unauthenticated remote ...
Bleeping Computer

DrayTek warns of remote code execution bug in Vigor routers

Networking hardware maker DrayTek released an advisory to warn about a security vulnerability in several Vigor router models that could allow remote, unauthenticated actors to execute perform ...
The Hacker News

The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

The Hacker News is the top cybersecurity news platform, delivering real-time updates, threat intelligence, data breach ...
CSO Online

Langflow RCE under active attack months after a patch was shipped

Actively exploited CVE-2026-5027 lets attackers write files to arbitrary locations on vulnerable Langflow servers, creating a path to remote code execution and full system compromise.
Bleeping Computer

Hackers exploiting critical F5 BIG-IP flaw in attacks, patch now

Cybersecurity firm F5 Networks has reclassified a BIG-IP APM denial-of-service (DoS) vulnerability as a critical-severity remote code execution (RCE) flaw, warning that attackers are exploiting it to ...
Fox 5 San Diego

Searchlight Cyber Discloses Critical Remote Commnad Execution Vulnerabulity in ETQ Reliance

The Assetnote Security Research Team at Searchlight Cyber has uncovered a series of vulnerabilities in the quality management platform ETQ Reliance. In particular, the ability to access an internal ...
Microsoft

Beyond the benchmark: Advancing security at AI speed

Read how Microsoft Security has advanced its agentic vulnerability detection system, codename MDASH, integrating into ...