Patch now! Attackers exploiting critical malicious code vulnerability in Drupal

Attackers are currently targeting websites created with the CMS Drupal. However, pages are only vulnerable if they use ...

7-Zip: Update closes code smuggling vulnerability

The popular compression program 7-Zip contains a vulnerability that allows the injection of malicious code. An update is ...

Google posts Chromium browsers' proof-of-concept exploit code without a fix

Chrome, Edge, Brave, Opera, and other Chromium-based browsers could reportedly be exposed to abuse after Google accidentally ...
Bleeping Computer

New Veeam vulnerabilities expose backup servers to RCE attacks

Veeam released security updates to patch multiple security flaws in its Backup & Replication software, including a critical remote code execution (RCE) vulnerability. Tracked as CVE-2025-59470, this ...
The Hacker News

CISA Adds Exploited Langflow and Trend Micro Apex One Vulnerabilities to KEV

CISA added two exploited bugs to KEV, forcing federal agencies to patch Langflow and Apex One flaws by June 4, 2026.