Google released a Chrome security update fixing two high-severity flaws that could enable code execution or crashes via malicious websites.

Security issue impacts Firefox web browser and Thunderbird email client, potentially enabling attackers to execute arbitrary ...

Three of the four vulnerabilities remained unpatched months after OX Security reported them to the maintainers.

A zero-click flaw in Anthropic’s Claude Desktop Extensions allows attackers to trigger remote code execution via Google ...

A critical remote code execution flaw in the WPvivid Backup & Migration WordPress plugin puts over 900,000 sites at risk unless patched.

Apple has patched CVE-2026-20700, a dyld code execution vulnerability exploited in an extremely sophisticated attack.

Fortinet fixes critical FortiClientEMS SQL injection flaw (CVSS 9.1) enabling code execution; separate SSO bug actively exploited.

Google has released an emergency update to patch an actively exploited zero-day—the first Chrome zero-day of the year.

Users could be tricked into running arbitrary code, but the issue was patched last week.

Google released an emergency Chrome update on Friday to patch a zero-day vulnerability that has been exploited in the wild.

Notepad++ 8.9.2 fixes update hijack exploited to deliver malware, patches RCE flaw, and hardens WinGUp security.

Leaning Technologies today launches BrowserPod for Node .js, the first engine of BrowserPod, a universal execution layer for browser-based compute. BrowserPod provides a sandboxed runtime API that ...