The memory leak security vulnerability allows unauthenticated attackers to extract passwords and tokens from MongoDB servers.

Several independent coding groups have posted code on the Internet that can allow hackers to exploit a previously disclosed vulnerability in Microsoft Corp.’s Windows operating system. The Windows ...

There are times when network security defenders need to compile exploit code. It is not unusual for more than a dozen new exploits against Windows and Linux machines to be released each day, and ...

Researchers have written exploit code for a critical remote code execution (RCE) vulnerability in Fortinet's FortiGate SSL VPNs that the vendor disclosed and patched in June 2023. Bishop Fox's ...

Exploit code is now available for a critical authentication bypass vulnerability in Fortra's GoAnywhere MFT (Managed File Transfer) software that allows attackers to create new admin users on ...

Apple's iPhone has failed the security smell test. Researchers at Security Evaluators have found what is believed to be the first remote code execution flaw affecting the device -- a bug that can be ...

Update 4/16/24: Updated story with more information on how previous mitigations do not protect devices. Exploit code is now available for a maximum severity and actively exploited vulnerability in ...

New computer code that exploits a recently disclosed hole in Microsoft Corp.’s Internet Explorer Web browser is circulating on the Internet and could allow remote attackers to take full control of ...

Exploit code for a critical printer software vulnerability became publicly available on Monday in a release that may exacerbate the threat of malware attacks that have already been underway for the ...

The tech giant has provided a patch for the root escalation vulnerability, which affects a number of devices that run the Cisco Integrated Management Controller. Cisco disclosed a new high-severity ...

Researchers that reverse engineer software to discover programming flaws can no longer legally publish their findings in France after a court fined a security expert on Tuesday. In 2001, French ...

A hacker released what he claims is a zero-day exploit for older versions of the Parallels Plesk Panel, a popular Web hosting administration software package, that could allow attackers to inject ...