Claude Code flaws allow remote code execution and API key theft via untrusted repositories; three bugs fixed across 2025–2026 releases.

Thousands of iPhones were compromised using the Coruna exploit kit, which chained 23 iOS vulnerabilities into advanced attacks used for espionage and cybercrime.

Google and iVerify researchers say the case points to a thriving secondary market for high-end zero-day exploits.

CISA has expanded the Known Exploited Vulnerabilities catalog with three bugs targeted by the nation-state-grade Coruna iOS exploit kit.

Researchers from Microsoft have demonstrated how programmable logic controllers (PLCs) that support the CODESYS runtime can be taken over by exploiting high-severity remote code execution (RCE) ...

The Coruna exploit kit has 23 exploits targeting iOS devices, previously used in Russian attacks and now in cybercrime ...

Cisco has released security updates to patch two maximum-severity vulnerabilities in its Secure Firewall Management Center (FMC) software.

LastPass bills itself as a way to simplify your life by storing all your passwords and account details in one place. However, it's looking a little less convenient now, as the service deals with its ...

Google uncovered Coruna iOS exploit kit with 23 exploits across five chains targeting iPhones running iOS 13–17.2.1.

Symantec Monday said the Internet Explorer zero-day exploit code published over the weekend does not work reliably but that a better written version is likely on the way. Symantec Monday said the ...

As Microsoft recommends that users focus first on installing the MS09-065 patch released Tuesday, experts are agreeing with that advice because exploit code for remote execution appears to be right ...