Public-facing instances of ProjectSend, an open-source file-sharing web application, have been exploited by attackers, according to vulnerability intelligence provider VulnCheck. ProjectSend was ...

Real victory will come when secure by design isn’t a special initiative but the standard starting point for every project.

Cybercriminals are abusing a post-compromise zero-day vulnerability in the Windows Common Log File System (CLFS) to deploy ransomware. The Microsoft Threat Intelligence Center (MSTIC) and Microsoft ...

A critical code injection vulnerability in SAP's S/4HANA ERP software that was first disclosed last month is now under exploitation in the wild. SAP previously disclosed and patched CVE-2025-42957, ...

AMD confirms Zen 5 CPUs have a critical security vulnerability that threatens crypto integrity, and a full fix is slated to ...

The threat associated with a critical decade-old remote code execution vulnerability in Roundcube webmail has increased sharply in recent days, with proof-of-concept (PoC) code for the bug becoming ...

Microsoft has issued urgent security warnings about ongoing cyberattacks targeting SharePoint server software used by government agencies and businesses worldwide. The attacks exploit a previously ...

Microsoft said it observed a threat actor known as Storm-2460 abuse a use after free flaw in Windows Common Log File System Driver The flaw is used to deploy PipeMagic, which is then used to deliver ...