Researchers have discovered two vulnerabilities in the widely used Cursor AI-enabled integrated development environment (IDE) ...
There's a huge hole and no one is patching it thus far. A critical, remote code execution (RCE) bug in Gogs, a popular open-source self-hosted Git service, can be exploited by any authenticated user - ...
The critical-severity issue, assigned a CVSS score of 9.4, is an argument injection flaw that can be exploited by authenticated attackers via pull requests with malicious branch names. The popular ...
On May 28, 2026, security researchers disclosed a severe vulnerability in the self-hosted Git service Gogs that enables remote code execution. The flaw, which does not have a CVE identifier, was ...
A critical security vulnerability has been disclosed in Gogs, a popular open-source self-hosted Git service, that allows an authenticated user to execute arbitrary code under certain conditions. The ...
A critical security vulnerability in a Voice over Internet Protocol (VoIP) phone deployed in small and midsized businesses (SMBs), hotels, call centers, and other organizations globally has ...
A new paper gives an insider’s perspective into CISA’s Known Exploited Vulnerability catalog – and also offers a free tool to help security teams use the CISA KEV catalog more effectively. The paper, ...
Instead of hacking themselves, attackers are increasingly deploying a free AI weapon that hacks for them. Twelve autonomous AI agents juggle 150 highly specialized security tools, from reconnaissance ...
A new spear-phishing campaign has emerged against governments and militaries in South Asia, including in Bangladesh, Nepal, Pakistan, and Sri Lanka. Researchers from Acronis have attributed the ...
Rapid7 finds a new zero-day vulnerability in PostgreSQL and links it to chain of attacks against a BeyondTrust Remote Support product. Security researchers at Rapid7 on Thursday flagged the discovery ...