Google publishes exploit code threatening millions of Chromium users

Google on Wednesday published exploit code for an unfixed vulnerability in its Chromium browser codebase that threatens ...
SecurityWeek

Unpatched ChromaDB Vulnerability Can Lead to Server Takeover

An unpatched vulnerability in ChromaDB could be exploited without authentication for remote code execution and server ...

AI code security risk: The need for a smarter layer between detection and remediation

AI is accelerating code and risk. Security needs smarter triage beyond detection to remediation.
SecurityWeek

Drupal Patches Highly Critical Vulnerability Exposing Websites to Hacking

Drupal has patched CVE-2026-9082, a highly critical vulnerability that could allow threat actors to hack websites.
VentureBeat

Mythos autonomously exploited vulnerabilities that survived 27 years of human review. Security teams need a new detection playbook

A 27-year-old bug sat inside OpenBSD’s TCP stack while auditors reviewed the code, fuzzers ran against it, and the operating system earned its reputation as one of the most security-hardened platforms ...

GitHub rushed to fix a critical vulnerability in less than six hours

GitHub’s engineering team developed a fix and deployed it just over an hour after identifying the root cause, protecting both ...

18-year-old NGINX vulnerability allows DoS, potential RCE

An 18-year-old flaw in the NGINX open-source web server, discovered using an autonomous scanning system, can be exploited for ...

NGINX: DoS vulnerability is being attacked

Security vulnerabilities exist in NGINX Open Source and NGINX Plus from F5. One is already being exploited and leads to DoS conditions.
The Hacker News

New Exim BDAT Vulnerability Exposes GnuTLS Builds to Potential Code Execution

Exim has released security updates to address a severe security issue affecting certain configurations that could enable ...
Business Wire

ArmorCode Furthers its Mission Towards Unifying Application Security and Infrastructure Vulnerability Management to Address Most Pressing Security Challenges

PALO ALTO, Calif.--(BUSINESS WIRE)--ArmorCode, the leader in AI-powered Application Security Posture Management (ASPM), today announced the growth of its ASPM Platform with the industry-leading ...
Dark Reading

What You Need to Know About Arbitrary Code Execution Vulnerabilities

They're serious. Notices about arbitrary code execution (ACE) vulnerabilities appear just about every week in alerts from US-CERT — the United States Computer Emergency Readiness Team, a part of the ...