CVE-2021-22681, an old vulnerability affecting ICS products from Rockwell Automation, has been exploited in attacks.

Google Threat Intelligence Group warns enterprise systems increasingly targeted by zero-day exploits - SiliconANGLE ...

Cisco has handed security teams one of the largest ever patching workloads affecting its firewall products, including fixes ...

Google Threat Intelligence Group (GTIG) tracked 90 zero-day vulnerabilities actively exploited throughout 2025, almost half of them in enterprise software and appliances.

Anthropic has published research on an AI-driven system called Co-RedTeam, built to discover and exploit software security flaws through coordinated large language model agents. The tool represents a ...

The maximum-severity vulnerability CVE-2026-20127 was exploited by an unknown but sophisticated threat actor who left very ...

In a reversal of a long-standing trend, researchers at IBM’s X-Force threat intelligence unit say they have observed a 44% increase in cyber attacks that begin with the exploitation of vulnerable ...

Stop treating your vulnerability program like an audit checklist, and start treating it like the real-time risk management ...

Chinese state hackers and spyware vendors are fueling a rise in zero-day attacks, which increasingly target enterprise software and devices — security and networking products in particular.

German software company SAP has finally disclosed and fixed a highly critical vulnerability in the NetWeaver Visual Composer development server after evidence of exploitation in the wild. NetWeaver ...

For a software vendor, telling the world about the latest security vulnerability is always a delicate balancing act. Customers need information quickly, starting with the flaw’s severity rating and ...

A critical CrushFTP vulnerability now under exploitation in the wild has become mired in controversy and confusion. On March 31, the Shadowserver Foundation reported that exploitation activity was ...